March 21, 2018

pwnable.kr write-up : fix

To comply with the write-up rule of pwnable.kr, I will talk about hints to solve this challenge. There is no solution or correct answer here. I ask for your understanding. It is a challenge to read the flag by executing "fix". A source file called "fix.c" is provided. When I executed "fix", I received two questions and got a "Segmentation fault" · · ·

February 22, 2018

pwnable.kr write-up : dragon

To comply with rule 3, I masked some content that is needed to solve this challenge. It is called an RPG game which can't be won. It probably can't be won in the usual way. After running it a few times, I found that the Baby Dragon appears first and next is the Mama Dragon. The HP of the Mama Dragon is 80. The dragon could not · · ·

February 17, 2018

pwnable.kr write up : fsb

To comply with rule 3, I masked some content that is needed to solve this challenge. The "fsb" means "Format String Bug". It is a traditional vulnerability. ※ What is the FSB (Format String Bug) : Link <fsb.c> #include <stdio.h> #include <alloca.h> #include <fcntl.h> unsigned long long key; char buf[100]; char · · ·

January 30, 2018

pwnable.kr tiny_easy write-up

To comply with rule 3, I masked some content that is needed to solve this challenge. The "rookie mistake" in the hint probably means not using memory corruption mitigation techniques. In fact, none of the techniques like NX have been applied except ASLR. To obtain the flag, I should read the flag with the group permission of the file "tiny_easy". · · ·

January 20, 2018

pwnable.kr ascii_easy write-up

To comply with rule 3, I masked some things that are needed to solve this challenge. I thought that I may need ROP, not RTL, because jumping to the beginning of a function is required to use RTL, but ROP doesn't have to do that. When I ran it, I got the message "triggering bug ...". This program requires one argument. <ascii_easy.c> #include · · ·

December 20, 2017

pwnable.kr otp write-up

I made a skeleton interface for one time password authentication system. I guess there are no mistakes. Could you take a look at it? This challenge provides the otp.c file. The otp program has ASLR, canary, and NX memory protection. It looks like a string generated by the otp program is input as an argument. <otp.c> #include <stdio.h> #include · · ·

December 13, 2017

pwnable.kr simple login write-up

Can you get authentication from this server? The above image is the screen when executed. It is a program that prints a hash value when any value is input. However, when I input the same values, different hash values were printed. This is the decompiled main() function. The Base64Decode() function is the same function as in the previous · · ·