Skip to content

In this repository, I will share my solutions for reverse engineering challenges.

Notifications You must be signed in to change notification settings

dolby360/crackme_challenges

Repository files navigation

crackme_challenges

Most challenges originate from picoCTF

Binary exploitation

Background link
This was my first challenge where I had to craft a keygen,
reminiscent of the ones we used to create back in the year 2000.
challenge 1
I utilized a ROPchain and managed to leak the system and /bin/sh addresses. Here's a LIBC
A simple example of printf formatting vulnerability Stonks
Exploiting a vulnerability in glibc 2.27's tcache mechanism. Cache Me Outside
Use after free Unsubscriptions Are Free
Buffer under flow babygame01
In-depth Explanation of Buffer Overflow Clutter Overflow
Just another BOF Simple buffer overflow
How to find the right glibc, RPO, buffer overflow, cannary leak, return to libc Guessing_Game_2
Use rand seed from libc to find the next rand numbers md5 calculator

Cryptography

Background link
brute-force RSA mind_your_ps_and_qs
Breaking down the problem until it solved New Caesar

Web

Web Challenges

PRO TIP

You're interested in crafting your own Python automation scripts for the exploits. However, you're also keen on debugging your code as it runs. Wondering how you can effectively achieve this? This is a cool life hack on how to run the binary as server and attach gdb.

Make fifo file

mkfifo fifo

run netcat and redirect the input from fifo:

nc -l -p 8080 < fifo | ./hash >fifo

gdb to fun process:

process_name="hash"; pid=$(pgrep "$process_name"); [[ -n $pid ]] && gdb -p "$pid" -x .gdbinit

cat the content of a file into the running process:

cat buff | nc localhost 8080

or just set pwntool to local

p = pwn.remote("localhost", 8080)

About

In this repository, I will share my solutions for reverse engineering challenges.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published