bi0s

ProxPi Relay Attack

2021-02-07

tl;dr

In this post, we are going to share our research into PKES systems and the possibility of Relay attacks on such systems.

Little Tricks - StarCTF 2021

g4rud4

2021-01-28

Forensics / Disk

tl;dr

Decrypt the bitlocker encrypted drive
extracting the flag from deleted PDF

Disk Encryption Bitlocker StarCTF

Favourite Architecture-1 - StarCTF 2021

Pwn-Solo

2021-01-20

Pwn

tl;dr

Abusing a stack overflow on a RISC-V binary to then return to shellcode.

Linux StarCTF Exploitation Shellcode RISC-V

BabyPAC - StarCTF 2021

d4rk_kn1gh7

2021-01-18

Pwn

tl;dr

Buffer overflow in AArch64
Bypass pointer authentication to leak libc and get shell

StarCTF ARM ROP PAC

Year In Review 2020

bi0s

2020-12-31

YearInReview

YearInReview

Diary - Balsn 2020

3agl3

2020-11-17

Pwn

tl;dr

Overflow from stdin stucture till main_arena.
Create fake fastbin chunks to get overlapping chunk and leak.
Overwrite __malloc_hook using fastbin attack.

Heap Balsn

Leakguard - HackTheVote 2020

Cyb0rG

2020-10-30

Pwn

tl;dr

overflow the char candle counter stored in the wax structure and trigger uaf.
Use the uaf to trigger double free and get shell.

Heap Linux HackTheVote

PIP Install - Week 2 - Magnet Weekly CTF

g4rud4

2020-10-20

Forensics / Android

tl;dr

Finding Picture-In-Picture application capability.
Most recently viewed web activity in Picture-In-Picture application on the device.

Magnet Weekly CTF ALEAP Picture-In-Picture

Mapping the Digits - Week 1 - Magnet Weekly CTF

g4rud4

2020-10-12

Forensics / Android

tl;dr

Finding the last modified timestamp of the file that maps names to IP’s accessed.

Autopsy Magnet Weekly CTF Android Forensics

Smash - TokyoWesterns CTF 2020

Cyb0rG

2020-09-22

Pwn / CET

tl;dr

Leak with Format String bug.
Use the arbitrary heap pointer write to overwrite __GI__IO_file_jumps.
Inject shellode in heap and get code execution in dfprintf.

Exploitation Format String CET BOF TokyoWesterns CTF