Some problems involve running commands in a shell or interpreter with some character limitations. Here I detail some of the things you can do to bypass these restrictions that I’ve seen in previous CTFs.
Binary exploit problems generally involve sending data to a binary and interpreting the output. This script uses the pwntools framework to automate much of the setup.
Payloads for Binaries
In pwn challenges, we often need to send exact byte-value payloads to processes or remote services to exploit them. Here are a few tips and reminders when attempting to do this.
GDB is a powerful tool, but its basic commands are easy to forget because they can be so esoteric. Here, I’ve compiled a few useful tips and tricks I’ve come across while using GDB.
High-level languages can sometimes behave unexpectedly due to the way data types are interpreted. Here, I’ve compiled a few of the things I’ve come across specifically for Python.
Format String Attacks
Here’s a handy reference for attacking format string vulnerabilities.