All Posts

Exploitation a restricted format string vulnerability to get memory disclosures and performing ROP afterwards.

Reaching libc base from linker leak and ROP chain.

Bruteforcing 15 character long password generated by the srand function, using the current time as the seed.

Crack the secret 100-digit code in under 340 attempts and 60 seconds to prevent a nuclear meltdown.

Given a libc leak, perform a ret2libc attack.