Protostar Exploit Challenges Final 2 Solution

Introduction This tutorial covers the final2 program from the protostar exploit challenges. It is a remote heap overflow attack. Getting Familiar This program seemed a bit less familiar to me than previous challenges so I spent some time figuring out what was going on. I started with the get_requests function. The first thing I noticed […]

Protostar Exploit Challenges Heap2 Solution

Introduction This scenario requires knowledge of heap allocations and a bit about the nature of the C language. Take your time to familiarize yourself with the code as it can be rather confusing if you are a newcomer. Specifically, take time to think about what is happening in memory during the allocations for auth->name, auth->auth, […]

Protostar Exploit Challenges Heap1 Solution

Introduction This challenge introduces the concept of control flow hijacking. It’s another heap based buffer overflow. The overflow isn’t hard to find, just look at the only two strcpy calls and you’ll notice neither of them do any bounds checking. Finding the Exploit I wasn’t immediately sure what to do with this one so I […]

Protostar Exploit Format4 Challenge Solution

Introduction For this challenge we will use a global offset table (GOT) overwrite. If you are unfamiliar with the mechanics of the GOT check out this site. The exploitation phase will be very similar to format3. We will use the direct parameter access method to overwrite address space with our addresses of interest. We will […]

CCNP Route

Passed CCNP Route! If you’re studying for CCNP Route I strongly recommend finding a review guide and ditching the official book. The official book by Odem was a great reference, but it just had far too much extraneous information. While I do love learning for learning’s sake, at the end of the day you still […]