pwn – exe's blog

CTF pwnLeave a comment

HDCTF 2023 pwn

HDCTF 2023 pwn

len3x3 June 10, 2023, 8:11 am August 10, 2023

[HDCTF 2023]pwnner 考点 ret2text 随机数查保护 ida分析后门函数思路绕过判断，有一个栈溢出机会 srand()的参数是种子，不是时间戳，属于伪随机数可以使用python的ctypes库生成随机数种子，这里用的是c的 exp [HDCTF 2023]KEEP ON 考点格式化字符串栈迁移查保护 ida分析解法一：格式化字符串思路存在格式化字符串漏洞有个system函数，但是shell函数是一个假的后门 …

#pwn

CTF pwnLeave a comment

GDOUCTF 2023 pwn

GDOUCTF 2023 pwn

len3x3 June 9, 2023, 12:44 pm August 10, 2023

ret2text
ret2shellcode

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn ciscn_2019_n_5

BUUCTF pwn ciscn_2019_n_5

len3x3 October 28, 2022, 11:35 am August 9, 2023

ret2shellcode

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn pwn2_sctf_2016

BUUCTF pwn pwn2_sctf_2016

len3x3 October 27, 2022, 6:50 am August 9, 2023

ret2libc

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn [第五空间2019 决赛]PWN5

BUUCTF pwn [第五空间2019 决赛]PWN5

len3x3 October 27, 2022, 6:40 am August 9, 2023

格式化字符串

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn ciscn_2019_c_1

BUUCTF pwn ciscn_2019_c_1

len3x3 October 26, 2022, 5:56 am August 9, 2023

ret2libc

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn pwnable_orw

BUUCTF pwn pwnable_orw

len3x3 October 25, 2022, 5:11 am August 7, 2023

orw

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn arvisoj_level1

BUUCTF pwn arvisoj_level1

len3x3 October 24, 2022, 5:07 pm August 7, 2023

ret2shellcode
ret2libc

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn ciscn_s_9

BUUCTF pwn ciscn_s_9

len3x3 October 24, 2022, 5:03 am August 7, 2023

ret2shellcode
返回值覆盖

#pwn

BUUCTF CTF pwnLeave a comment

BUUCTF pwn ez_pz_hackover_2016

BUUCTF pwn ez_pz_hackover_2016

len3x3 October 23, 2022, 4:59 am August 7, 2023

ret2shellcode
泄露栈

#pwn