I was always very curious about vulnerabilities that kept popping up in the JIT compilers of various popular browsers. A couple of months I came across CVE-2019-11707, which was a type-confusion bu...

About a couple of weeks ago, teambi0s conducted InCTF, an International level CTF and I had the opportunity to create a couple of challenges - ateles and navarint. ateles . Now let’s delve into ate...

I wanted to take a few notes about my SpiderMonkey debugging and code review setup so that this can be a reference for the future me :). This short post will be about that only. Code Review My fa...

After getting a bit of hang over the standard C pwnables in CTFs, I was eager to see how this would work in the real world. So I tried starting of with browser pwn. I actually looked at CTFs challe...

Attachments: binary libc exploit This was a really fun challenge created by angelboy for HITCON CTF 2018. The following will be a writeup for the intended solution as gathered from the exp...

Attachments: binary libc source The binary is a 64-bit ELF, non-stripped. Here are the mitigation’s enforced. gdb-peda$ checksec CANARY : ENABLED FORTIFY : disabled NX ...

Attachments: binary libc source The binary is a non-stripped ELF 64 bit file. It is basically a kind of feedback accepting mechanism. Lets start with the permissions if the binary. gd...

This post will demonstrate an alternate way to exploit the House of Orange scenario which was originally shown by 4ngelboy. It involves using fastbin corruption on the old top chunk to allocate a c...

Install: Just download the script from the following link Usage: python findfile.py <path/to/pcap> Link: github.com/vigneshsrao/CTF-Forensics-scripts This script can detect files embedded in...

I didn’t get a chance to try this challenge out during the CTF, but it was a pretty interesting and fun challenge. The method I am going to describe may not be the most efficient but this is what c...