
OSCP enthusiast | A curious, ‘amateur’, budding ethical hacker
If you do this, you are not alone

Introduction

Hey there folks!

Yesterday, I was writing an automation script for something, and it needed me to run a tool on several arguments one at a time. The thing is, the tool was single-threaded, so there was no way to, say, just hand the tool a wordlist and have it crunch through it.

Now obviously, if I knew how to code in Go, I would have simply implemented the feature. But I didn’t. Plus, this isn’t the first time that I have come across such situations. I wanted a generic solution. So, I wrote this utility tool.

‘Make-My-Threads‘ — A tool that can run anything with multithreading

‘Make-My-Threads’ is a…


The challenge prompt

This challenge is different from all the preceding challenges in the picoGym: unlike the previous ones, it doesn’t need you to exploit any vulnerability in the binary itself, but rather to attack the logic implemented in the executable to show that it’s vulnerable.

Prerequisites

  • Nothing much really, read on to find out why

Tools Used

  • Pwntools (for the exploit script)
  • GCC (to compile the pattern generator)
  • Radare2 (for reversing the binary)

Understanding the Logic

Reversing the assembly

First things first, I downloaded the binary, and threw it under radare2 to observe and reverse. …


I have recently started solving binary pwn challenges anywhere I can find them, and this one — ‘Guessing Game 2’ by picoCTF — really proved to be a challenge, though not because of the challenge itself but rather because of some discrepancies.

Prerequisite Knowledge:

Tools Used:

A word of caution:

If you are just beginning to pwn this binary, DO NOT use the provided Makefile to compile your own binary, because there is a discrepancy between the program actually running on the server, and what the makefile…


We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.

Introduction

Hey folks! This is my first write-up ever, and I chose TryHackMe’s ‘Anonymous Playground’ room created by Nameless0ne. The foothold part was a bit annoying because I am impatient at times, but the privesc was awesome.

The creator designed this room to have 2 users and a root user, and sequentially escalate through them, but I found a way to directly escalate to root from foothold. So, if you are searching for how the creator intended this room to be solved, please look for other write-ups. …
