FlareOn 4 WriteUps

This year, I happened to finally have a chance to be in a good position to play Flare-On CTF, a yearly CTF published by FireEye. This year's edition offered 12 reverse-engineering challenges to solve in 6 weeks. This post is mostly a dump of the...

Some Qemu images to play with

TL;DR Ready-to-play Qemu images for under-rated architectures (ARM, MIPS, PowerPC, SPARC, AARCH64) to play with, with all the tools built in to understand memory corruption on non-x86 environments here. Update (2018/05/15) The Mega.NZ repository...

Insomni'Hack CTF 2017: bender_safer

Insomni'Hack CTF 2017 offered a series of 3 challenges (i.e. 3 different flags) on the same binary, called bender_safe: bender_safe was a Reversing challenge (50 pts) to discover the correct validation sequence; bender_safer (this one) was a...

ARMPWN redux: canary reloaded

TL;DR: It is possible to defeat stack canary protection when a binary is vulnerable to arbitrary file read. Intro First off, Happy New Year 2017 ✌ Recently, I've decided to thoroughly investigate the "Stack Smashing Protection" (SSP) on recent...

Using new syscalls for read/write arbitrary memory on Linux.

Even though well-known methods exist to bypass ptrace deactivation on a process when spawning it (fake ptrace() preloading, a breakpoint on ptrace(), etc.), it is trickier when the process is already protected. Thankfully Linux 3.2+ was generous enough...