Exploitation

Jail Escapes

Some problems involve running commands in a shell or interpreter with some character limitations. Here I detail some of the things you can do to bypass these restrictions that I’ve seen in previous CTFs.

Exploit Initscript

Binary exploit problems generally involve sending data to a binary and interpreting the output. This script uses the pwntools framework to automate much of the setup.

Payloads for Binaries

In pwn challenges, we often need to send exact byte-value payloads to processes or remote services to exploit them. Here are a few tips and reminders when attempting to do this.

GDB Tips

GDB is a powerful tool, but it can be easy to forget some of its basic commands when the commands can be so esoteric. Here, I’ve compiled a few useful tips and tricks I’ve come across while using GDB.

Python

High level languages can sometimes perform unexpectedly due to the way data types are interpreted. Here, I’ve compiled a few of the things I’ve come across specifically for Python.

Format String Attacks

Here’s a handy reference for attacking format string vulnerabilities.