App - System

Diese Übungen setzen sich mit Schwachstellen in Programmen auseinander.

Bei jeder Übung werden Login-Daten für den Server zur Verfügung gestellt. Ziel ist es auf dem Server eine Schwachstelle in dem zur Verfügung gestellten Programm auszunutzen um zusätzliche Rechte zu erhalten. Mit diesen Rechten kann man dann das Passwort auslesen, mit dem die Übung auf der Plattform gelöst werden kann.

75 Übungen

Ergebnis	Name	Validierung	Anzahl der Punkte ↓↑	Schwierigkeitsgrad	Autor	Bewertung	Musterlösung
	ELF x86 - Stack buffer overflow basic 1	8% 14938	5		Lyes		3
	ELF x86 - Stack buffer overflow basic 2	6% 10682	10		Lyes		1
	PE32 - Stack buffer overflow basic	1% 636	10		Ech0		0
	ELF x86 - Format string bug basic 1	4% 6948	15		Lu33Y		0
	ELF x64 - Stack buffer overflow - basic	3% 5282	20		Arod		0
	ELF x86 - Format string bug basic 2	2% 3472	20		Lyes		0
	ELF x86 - Race condition	3% 4758	20		Lu33Y		0
	ELF x86 - Use After Free - basic	1% 912	25		Esad		0
	ELF x86 - Stack buffer overflow basic 3	2% 3475	25		Lyes		0
	ELF MIPS - Stack buffer overflow - No NX	1% 304	25		franb		0
	ELF ARM - Stack buffer overflow - basic	1% 967	25		pickle		1
	ELF ARM - Stack Spraying	1% 169	30		pickle		0
	ELF x86 - BSS buffer overflow	2% 3352	30		Lu33Y		1
	ELF x86 - Stack buffer overflow basic 4	2% 2209	30		Lu33Y		0
	ELF x86 - Stack buffer overflow basic 6	2% 2028	30		TiWim		1
	ELF x86 - Format String Bug Basic 3	1% 908	35		Lyes		0
	PE32 - Advanced stack buffer overflow	1% 107	35		Ech0		0
	ELF x86 - Stack buffer overflow - C++ vtables	1% 652	40		sebbb		0
	ELF MIPS - Basic ROP	1% 92	40		dagger		0
	ELF ARM - Basic ROP	1% 489	40		pickle		0
	PE32+ Format string bug	1% 50	45		Ech0		0
	ELF x64 - Logic bug	1% 143	50		sbrk		1
	ELF x86 - Bug Hunting - Several issues	1% 73	50		sbrk		0
	ELF x86 - Stack buffer and integer overflow	1% 1587	50		Lu33Y		0
	ELF x86 - Stack buffer overflow - ret2dl_resolve	1% 145	50		kikko		0
	ELF x86 - Stack buffer overflow basic 5	1% 1454	50		Lu33Y		0
	ELF x64 - Stack buffer overflow - advanced	1% 952	55		Arod		0
	ELF x86 - Information leakage with Stack Smashing Protector	1% 689	60		Arod		0
	ELF MIPS - Format String Glitch	1% 40	60		pickle, martin		0
	ELF ARM - Race condition	1% 100	70		pickle		0
	ELF x64 - Browser exploit - Intro	1% 57	70		pickle		0
	ELF x86 - Out of bounds attack - French Paradox	1% 84	70		sbrk		0
	ELF x86 - Remote BSS buffer overflow	1% 671	75		Tosh		0
	ELF x86 - Remote Format String bug	1% 835	75		Tosh		0
	PE32+ Basic ROP	1% 23	75		Ech0		0
	ELF x64 - Remote heap buffer overflow - fastbin	1% 216	80		franb		0
	ELF x86 - Blind remote format string bug	1% 242	80		Lyes		0
	LinKern ARM - vulnerable syscall	1% 101	85		pickle		0
	LinKern x86 - Buffer overflow basic 1	1% 355	85		franb		0
	LinKern x86 - Null pointer dereference	1% 354	90		franb		0
	LinKern x64 - Race condition	1% 220	95		franb		0
	ELF ARM - Alphanumeric shellcode	1% 34	100		pickle		0
	ELF MIPS - URLEncoded Format String bug	1% 19	100		pickle		0
	ELF x86 - Hardened binary 1	1% 591	100		sm0k		0
	ELF x86 - Hardened binary 2	1% 472	100		sm0k		0
	ELF x86 - Hardened binary 3	1% 291	100		sm0k		0
	ELF x86 - Hardened binary 4	1% 323	100		sm0k		0
	LinKern MIPSel - Vulnerable ioctl	1% 33	100		pickle		0
	LinKern x64 - reentrant code	1% 116	100		franb		0
	ELF ARM - Heap format string bug	1% 61	105		franb		0
	ELF x64 - Sigreturn Oriented Programming	1% 197	105		Arod		0
	ELF x86 - Hardened binary 5	1% 250	110		sm0k		0
	LinKern x86 - basic ROP	1% 176	110		franb		0
	LinKern ARM - Stack Overflow	1% 40	110		pickle		0
	ELF x64 - Off-by-one bug	1% 104	110		NeedToLearn		0
	ELF ARM - Use After Free	1% 72	110		pickle		0
	ELF ARM - Format String bug	1% 72	110		pickle		0
	ELF x64 - Heap feng-shui	1% 54	110		laxa		0
	ELF x86 - Remote stack buffer overflow - Hardened	1% 119	115		franb		0
	LinKern x64 - RowHammer	1% 49	115		pickle		0
	LinKern x64 - SLUB off-by-one	1% 31	115		Tosh		0
	ELF x86 - Hardened binary 7	1% 198	115		Tosh		0
	ELF x86 - Hardened binary 6	1% 233	115		sm0k		0
	ELF x64 - Remote Heap buffer overflow 1	1% 135	115		Tosh		0
	ELF ARM - Heap Off-by-One	1% 43	115		pickle		0
	ELF ARM - Heap buffer overflow - Wilderness	1% 25	120		pickle		0
	ELF ARM - Heap Overflow	1% 33	120		pickle		0
	ELF x64 - Seccomp Whitelist	1% 40	120		pickle		0
	ELF x86 - Blind ROP	1% 96	120		franb		0
	Linkern x64 - Memory exploration	1% 78	120		franb		0
	WinKern x64 - Advanced stack buffer overflow - ROP	1% 11	120		__syscall, Synacktiv		0
	WinKern x64 - Use After Free	1% 8	120		__syscall, Synacktiv		0
	ELF x64 - Remote Heap buffer overflow 2	1% 102	130		Tosh, Fritz		0
	ELF x64 - Blind ROP	1% 66	135		franb		0
	ELF x64 - Browser exploit - BitString	1% 24	135		pickle		0

Ergebnisse der Übungen

Nickname	Übungen	Sprache	date
Slowerzs	ELF x64 - Seccomp Whitelist		28. Oktober 2020 zu 03:40
Black_Cat	ELF x86 - BSS buffer overflow		28. Oktober 2020 zu 01:44
Black_Cat	ELF x86 - Use After Free - basic		28. Oktober 2020 zu 00:36
Aonyx	ELF x86 - Information leakage with Stack Smashing Protector		27. Oktober 2020 zu 22:46
Mike	ELF x86 - Stack buffer overflow basic 4		27. Oktober 2020 zu 22:21
Thomyrock	ELF x86 - Stack buffer overflow basic 1		27. Oktober 2020 zu 19:32
the_fool	ELF ARM - Stack buffer overflow - basic		27. Oktober 2020 zu 19:10
_S_	ELF ARM - Stack buffer overflow - basic		27. Oktober 2020 zu 19:09
muzikalx	ELF x86 - Stack buffer overflow basic 3		27. Oktober 2020 zu 18:33
F4nt0mi4ld	ELF ARM - Basic ROP		27. Oktober 2020 zu 18:25