Skip to main content

VolgaCTF 2017 – time_is

I solved this challenge with my teammate @javierprtd. Category: Exploiting. Points: 150. Binary: time_is. By executing the binary, we can see.

Well, format string vulnerability found The binary read from stdin using __getlimit function, and the unique limiter is ‘\n’.

The __printf_chk function is used for printing in stdout and checking if the […]

XiomaraCTF 2017 – mint

In this challenge debugging was unneccesary . If I execute it, this is the output:

We can add a text, edit and show it. The vulnerability So, I add a text, the max length is 0x30, but if edit the text, there are two options:

When I choose the first option, we can […]