‘Flippin Bank’ is a crypto challenge on HackTheBox, and I loved it because it showcased a classic CBC bit flipping attack.
I’ll be honest, I thought of a very different attack at first (which I will briefly show at the end), but then I realised that although mathematically possible, it was impossible in this challenge.
I will not only walk you through the challenge, but I will also explain the CBC bit flipping attack as I go. Hopefully, this helps you create a clearer mental picture of what’s happening.
The challenge description reads:
The Bank of the World is under…
In Windows, loading an executable and then running it completely from memory, is quite complicated; lots of complicated stuff is involved (at least for me).
Doing so in Linux, however, is fairly easier, and requires no custom loaders. This is due to how Linux handles everything: in files.
In Windows, you basically have everything treated as an object. As opposed, everything in Linux is a file, including memory itself. This, added to how Linux processes such ‘memory files’, makes it very easy to load and execute elfs from memory.
Hey there folks!
Yesterday, I was writing an automating script for something, and it needed me to run a tool on several arguments one at a time. Thing is, the tool was single threaded, so there was no way to, say, just hand the tool a wordlist and have it crunch through it.
Now obviously, if I knew how to code in Go, I would have simply implemented the feature. But I didn’t. Plus, this isn’t the first time that I have come across such situations. I wanted a generic solution. So, I wrote this utility tool.
‘Make-My-Threads’ is a…
This challenge is different than all the preceding challenges in the picoGym in the sense that unlike the previous ones, this one doesn’t need you to exploit any vulnerability in the binary itself, but rather attack the logic implemented in the executable to show that it’s vulnerable.
First things first, I downloaded the binary, and threw it under radare2 to observe and reverse. …
I have recently started solving binary pwn challenges anywhere I can find them, and this one — ‘Guessing Game 2’ by picoCTF really proved to be a challenge, but not because of the challenge itself but rather because of some discrepancy issues.
If you are just beginning to pwn this binary, DO NOT use the provided
Makefile to compile your own binary, because there is a discrepancy between the program actually running on the server, and what the makefile…
Hey folks! This is my first write-up ever, and I chose TryHackMe’s ‘Anonymous Playground’ room created by Nameless0ne. The foothold part was a bit annoying because I am impatient at times, but the privesc was awesome.
The creator designed this room to have 2 users and a root user, and sequentially escalate through them, but I found a way to directly escalate to root from foothold. So, if you are searching for how the creator intended this room to be solved, please look for other write-ups. …
Programmer🔸Hacker (aka CaptainWoof)🔸Content-creator