Skip to main content

VolgaCTF 2017 – time_is

I solved this challenge with my teammate @javierprtd. Category: Exploiting. Points: 150. Binary: time_is. By executing the binary, we can see.

Well, format string vulnerability found The binary read from stdin using __getlimit function, and the unique limiter is ‘\n’.

The __printf_chk function is used for printing in stdout and checking if the […]

Read More

XiomaraCTF 2017 – mint

In this challenge debugging was unneccesary . If I execute it, this is the output:

We can add a text, edit and show it. The vulnerability So, I add a text, the max length is 0x30, but if edit the text, there are two options:

When I choose the first option, we can […]

Read More

FwhibbitCTF 2017 – Bomb

Category: Reversing. Points: 450. We need an 8 digits code to disable the bomb. That code is used to operate with two arrays of bytes. Any mistake will make the bomb to explode.

My solution is below: The code is 8 digits long, every digit goes from 0 to 9, that code is used to operate with […]

Read More