Insomni'hack Teaser Writeup 2024
In this weekend, I solved a interesting memory corruption vulnerability in WebAssembly binary.
Read moreV8 exploit - Revisiting oob-v8 *CTF2019
Recently, I start to maintain a repo related to 'web-pwn' in the github, which refer to the exploitation of memory-related vulnerabilities within essential web components like browsers, JavaScript runtimes, PHP runtimes, and others.
Read morehack.lu 2023 Writeup
This writeup contains an interesting mXSS challenge, named awesome-note-2, from the hack.lu this year.
Read moreSEETF 2023 Writeup
This weekend I participated in the SEETF 2023 event. The challenges are in good quality (two needs brute force). And I managed to solve a heap binary compiled with gilibc version 2.35 by abusing the exit handler since malloc_hook and free_hook are removed after 2.34.
Read moreJustCTF 2023 Writeup
Over the weekend, I made headway with several pwn challenges in Just CTF. One particularly instructive challenge required us to exploit the sqlite3 database using the command-line interface. Confronting and pwning a complex, large binary has always been a struggle for me. To learn from these challenges, I compiled several solutions, specifically focusing o..
Read morep4CTF teaser 2023 Writeup
I also participated in the p4 ctf last weekend. I managed to solve two AI-related challenges, reminding me of the materials that I was doing during my undergraduate studies. There is also an interesting blind pwn challenge about fmt and uninitialized read vulnerability.
Read moremeloCon CTF 2023 Writeup
At meloCon 2023, I attempted to solve two pwn challenges. The NoRegVM chall has multiple vulnerabilities but turned out that only the fmt vulnerability is exploitable. I utilized the double-staged fmt exploitation again which I just learned from the last week.
Read moreSDCTF 2023 Writeup
The money-printer-2 challenge is a really interesting format string challenge. It shows a cool fmt exploit technique that leverages chained pointer and brute forcing which I haven't seen before.
Read moreUMD CTF 2023 Writeup
This is the writeup for the umd ctf 2023 which was held by the University of Maryland. They provided a lot of interesting challenges in the Pokemon theme which I really enjoy :>.
Read moreDynamic Allocator Misuse(Tcache) - pwn.college
Here is my write-up for the dynamic-allocator-misuse(heap) module of the pwn.college. Due to the disclosure agreement, I won't post the full exploit but the PoC code to show the idea of the solutions. Glad to see they are adding more challenging levels at the end. Have fun.
Read more