Chaining 2 low impact bugs into Gitlab RCE. Real World CTF 2018 - Flaglab write-up.

Real World CTF Recently my team and I went to Zhengzhou, China for Real World CTF event. Organisation and venue were truly amazing. The format of the competition was a bit different from standard jeopardy-style. There was this not so popular concept of showing exploits on stage. To...

Read More

Writing plugins in Python

The advantage of dynamically typed language is that it's much easier to write some code that dynamically loads another code and uses it. The downside of lack of types is that it's harder to enforce the contract on the loaded code. There are ways around that and this post is about that. How to write...

Read More

Secfest write-ups

Puzzle palace - Pwn (100 + 0) Adventure time! Find the magic bytes, kill the wizard, get all the flags! Solves: 42 Service: nc pwn.ctf.rocks 6666 Download: http://dl.ctf.rocks/puzzle_palace.tar.gz Author: likvidera In the tar file we can find README and some libc version. README...

Read More

CONFidence conference impression + Random(crypto 100) write-up

On 18-19 May CONFidence conference took place in Cracow. This was my third IT conference and second cybersecurity con in my life. CONFidence is a con with a long tradition, the biggest cybersecurity meeting of specialist in Poland every year. Venue This year it gathered around 800 people, which was...

Read More

Vulnhub 1: Ew_Skuzzy

Me and few of my friends were asked to test some vulnerable environment that will be used as a playground for students, it was a lot of fun and motivated me to do some vulnhub.com in free time. That's my first write-up on the vulnhub machines, let me know if the description is good enough. 1. Reconnaissance Running...

Read More

EntropyGrapher - file visualization

Since I have finally found a bit of free time I was able to develop a project that was on my mind for quite some time now. The idea was simple, write some piece of code that would let me explore entropy of the contents of a file. I've written a little snippet, that yielded this: With the help of...

Read More

Shellcode creation - comparison of methods

In the part 2 of my guide on stack overflow exploitation I mentioned that there are several ways of creating shellcodes. This post is about some of them. 1. NASM The obvious way of creating shellcodes is writing it in assembly ourselves. To do that, we can use NASM, which is a x86/x86_64 assembler. Obvious drawback is that we cannot write for any other architecture with it(eg. arm64 for android). In...

Read More