SROP - Sigreturn Oriented Programming

A few months ago a colleague of mine created a simple buffer overflow challenge to teach others how to defeat ASLR. The program itself was written in assembly and only consisted of 3 syscalls more or less – read, write and exit. The overflow was easy, there was no boundary check…

Onapsis CTF from EkoParty writeups.

This CTF was one of the many hosted for the EkoParty event in Argentina. We were sadly not able to physically attend, although we did play the CTF, and it was great fun, learning some interesting things along the way. These are the challenges that will appear in the following…

Access from HackTheBox

A write up of Access from hackthebox.eu - Highlighting abuse of saved credentials in a Windows system for privilege escalation.…

Ypuffy from HackTheBox

A write up of Ypuffy from hackthebox.eu - Highlighting the exploitation of a certificate authority for privilege escalation…

Reddish from HackTheBox

A write up of Reddish from hackthebox.eu - It's about exploiting several applications and pivoting through a network until we can break out of Docker.…