Skip to content

Latest commit

 

History

History
154 lines (125 loc) · 5.29 KB

README.md

File metadata and controls

154 lines (125 loc) · 5.29 KB

CTF Writeups

Hey there, I'm Sean and I enjoy doing CTF problems in my spare time. My current position has me doing a lot of binary exploitation and software reverse engineering so I tend to focus on those categories. Most writeups that I see online suck and I hope these do a better job explaining some of the fundamental concepts.

In all of my solutions I try my best to include a reproducible solution written with pwntools. It's not about the flags, but about the journey that got us the flag.

Hopefully this doesn't age like milk, but I've also tried to do some video walkthroughs of some of these CTF problems. You can view them on YouTube.

The following is a list of common Unix Access topics and the CTF challenges that relate to them.

Unix Access Knowledge

Vulnerability Classes

Demonstrate the ability to exploit vulnerability classes

Demonstrate the ability to implement exploitation primitives

  • Arbitrary write primitive:
  • Relative write primitive:
  • Arbitrary read primitive:
  • How primitives can be chained to build an exploit
  • How a write primitive can be used to escalate privileges/execute arbitrary code:

Describe the purpose and structure of the following ELF linking structures and how they can be abused in binary exploitation

Describe the following dynamic relocation modes in terms of PLT/GOT data structure interaction, and how exploitation primitives differ between them

Demonstrate the ability to implement ROP/JOP to

Describe the purpose and implementation of exploitation mitigations

Software Reverse Engineering

Compare and contrast techniques and use cases of

Demonstrate familiarity in using the following types of tools to perform static and dynamic reverse engineering

Fuzzing techniques

  • Dumb fuzzing techniques
  • Code-coverage based fuzzing
  • Symbolic execution

CTF Blog Posts That I Find Useful