Explore >> Select a destination
|
You are here 
|
tcode2k16.github.io | ||
| | | | |
wachter-space.de
|
|
| | | | | This is a writeup of an easy/medium pwn challenge called "Profile" featuring a type confusion, some GOT overwriting, and a funny but unnecessary one gadget exploit for the fun of it. We are given the following files: main.c profile (binary) Dockerfile docker-compose.yml Let's look at main.c and see if we can spot a vulnerability from the provided source code. #include #include #include #include struct person_t { int id; int age; char *name; }; void get_value(const char *msg, void *pval) { printf("%s", ms... | |
| | | | |
chovid99.github.io
|
|
| | | | | Security's blog made by Chovid99 | |
| | | | |
blog.bricked.tech
|
|
| | | | | A nice intro to heap challenges, featuring tchache and the unsortedbin. | |
| | | | |
swordbytes.com
|
|
| | | SwordBytes researchers have identified an Unauthenticated Remote Code Execution (RCE) vulnerability in Overwolf's Client Application by abusing a Reflected Cross-Site Scripting (XSS) issue present in the "overwolfstore://" URL handler. This vulnerability allows remote unauthenticated attackers to execute arbitrary commands on the underlying operating system that hosts Overwolf's Client Application. | ||
