Skip to content

sivaramaaa/pwn_lab

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits

bin

bin

 
 

exploits

exploits

 
 

src

src

 
 

Heap_notes.md

Heap_notes.md

 
 

README.md

README.md

 
 

helper.py

helper.py

 
 

learning.md

learning.md

 
 

temp

temp

 
 

Repository files navigation

pwn_lab

Short notes :

Heap Exploit

Unlink vuln

Defcon Ctf - beatmeonthedl

House of Lore : Small bin corruption

UAF vuln

BCTF: Babyuse
plaidctf 2016: Basic UAF

Heap overflow

33c3ctf : Heap overflow

Format srting Exploit :

  1. Leak all string in stack using direct parameter access
  2. Leak Whole binary by using Dynelf which uses the concept that 32/64 bit binary has unique entry point after leaking whole text segment get libc. got addr thn got overwrite to get RCE

My code / Refrence :

Tool to automate
Sharifctf : Leak stack

Stack based exploit :

One-Shot-RCE gadget

If u don't have control over arguments to system() then we can use this gadget U can fid this gadget using the tool one_gadget . Usage : one_gadget -f libc.so

Oneshot TJCTF

BCTF: Babyuse

Return-oriented programming (ROP)

64 bit rop

All parameters must be in registers and not on stack

Asis ctf 64-bit rop

Return to shellcode

Load and execute !!!

Defcon ctf - smashme

Ret2Shellcode

Other stack based exploit

Stage'ed Shellcode

Random explit

ctf(x) Null-byte overflow

Bypass Shellcode filters

Bind tcp shell

Pipe Exploit

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages