WinKern x64 - Advanced stack buffer overflow - ROP

120 Punkte  0x0

Reversez le driver, trouvez les vulnerabilités qu’il expose et exploitez les sur un système Windows 10, afin d’obtenir les privilèges SYSTEM

Autor

__syscallSynacktiv,  

Stufe  Schwierigkeitsgrad

Validierung

6 Herausforderer 1%

Bewertung  Bewertung

7 votes

Bitte loggen Sie sich ein um auf diese Seite zugreifen zu können

  Musterlösung


 75 Übungen

Ergebnis Name Validierung Anzahl der Punkte  Erklärung der Punktevergabe Schwierigkeitsgrad  Schwierigkeitsgrad Autor Bewertung  Bewertung Musterlösung
pas_valide ELF x86 - Stack buffer overflow basic 1 8% 14041 5 Lyes 3
pas_valide ELF x86 - Stack buffer overflow basic 2 6% 10104 10 Lyes 1
pas_valide PE32 - Stack buffer overflow basic 1% 445 10 Ech0 0
pas_valide ELF x86 - Format string bug basic 1 4% 6604 15 Lu33Y 0
pas_valide ELF x64 - Stack buffer overflow - basic 3% 4982 20 Arod 0
pas_valide ELF x86 - Format string bug basic 2 2% 3266 20 Lyes 0
pas_valide ELF x86 - Race condition 3% 4497 20 Lu33Y 0
pas_valide ELF ARM - Stack buffer overflow - basic 1% 894 25 pickle 1
pas_valide ELF MIPS - Stack buffer overflow - No NX 1% 271 25 franb 0
pas_valide ELF x86 - Stack buffer overflow basic 3 2% 3293 25 Lyes 0
pas_valide ELF x86 - Use After Free - basic 1% 773 25 Esad 0
pas_valide PE32 - Advanced stack buffer overflow 1% 82 25 Ech0 0
pas_valide ELF ARM - Stack Spraying 1% 159 30 pickle 0
pas_valide ELF x86 - BSS buffer overflow 2% 3235 30 Lu33Y 1
pas_valide ELF x86 - Stack buffer overflow basic 4 2% 2147 30 Lu33Y 0
pas_valide ELF x86 - Stack buffer overflow basic 6 2% 1929 30 TiWim 1
pas_valide ELF x86 - Format String Bug Basic 3 1% 871 35 Lyes 0
pas_valide ELF ARM - Basic ROP 1% 447 40 pickle 0
pas_valide ELF MIPS - Basic ROP 1% 82 40 dagger 0
pas_valide ELF x86 - Stack buffer overflow - C++ vtables 1% 616 40 sebbb 0
pas_valide PE32+ Format string bug 1% 38 40 Ech0 0
pas_valide ELF x64 - Logic bug 1% 131 50 sbrk 1
pas_valide ELF x86 - Bug Hunting - Several issues 1% 68 50 sbrk 0
pas_valide ELF x86 - Stack buffer and integer overflow 1% 1547 50 Lu33Y 0
pas_valide ELF x86 - Stack buffer overflow - ret2dl_resolve 1% 124 50 kikko 0
pas_valide ELF x86 - Stack buffer overflow basic 5 1% 1421 50 Lu33Y 0
pas_valide ELF x64 - Stack buffer overflow - advanced 1% 904 55 Arod 0
pas_valide ELF MIPS - Format String Glitch 1% 37 60 pickle, martin 0
pas_valide ELF x86 - Information leakage with Stack Smashing Protector 1% 650 60 Arod 0
pas_valide ELF ARM - Race condition 1% 93 70 pickle 0
pas_valide ELF x64 - Browser exploit - Intro 1% 52 70 pickle 0
pas_valide ELF x86 - Out of bounds attack - French Paradox 1% 78 70 sbrk 0
pas_valide ELF x86 - Remote BSS buffer overflow 1% 658 75 Tosh 0
pas_valide ELF x86 - Remote Format String bug 1% 815 75 Tosh 0
pas_valide PE32+ Basic ROP 1% 16 75 Ech0 0
pas_valide ELF x64 - Remote heap buffer overflow - fastbin 1% 204 80 franb 0
pas_valide ELF x86 - Blind remote format string bug 1% 231 80 Lyes 0
pas_valide LinKern ARM - vulnerable syscall 1% 91 85 pickle 0
pas_valide LinKern x86 - Buffer overflow basic 1 1% 330 85 franb 0
pas_valide LinKern x86 - Null pointer dereference 1% 337 90 franb 0
pas_valide LinKern x64 - Race condition 1% 207 95 franb 0
pas_valide ELF ARM - Alphanumeric shellcode 1% 29 100 pickle 0
pas_valide ELF MIPS - URLEncoded Format String bug 1% 17 100 pickle 0
pas_valide ELF x86 - Hardened binary 1 1% 571 100 sm0k 0
pas_valide ELF x86 - Hardened binary 2 1% 455 100 sm0k 0
pas_valide ELF x86 - Hardened binary 3 1% 284 100 sm0k 0
pas_valide ELF x86 - Hardened binary 4 1% 317 100 sm0k 0
pas_valide LinKern MIPSel - Vulnerable ioctl 1% 29 100 pickle 0
pas_valide LinKern x64 - reentrant code 1% 110 100 franb 0
pas_valide ELF ARM - Heap format string bug 1% 54 105 franb 0
pas_valide ELF x64 - Sigreturn Oriented Programming 1% 189 105 Arod 0
pas_valide ELF ARM - Format String bug 1% 65 110 pickle 0
pas_valide ELF ARM - Use After Free 1% 61 110 pickle 0
pas_valide ELF x64 - Heap feng-shui 1% 50 110 laxa 0
pas_valide ELF x64 - Off-by-one bug 1% 95 110 NeedToLearn 0
pas_valide ELF x86 - Hardened binary 5 1% 244 110 sm0k 0
pas_valide LinKern ARM - Stack Overflow 1% 36 110 pickle 0
pas_valide LinKern x86 - basic ROP 1% 164 110 franb 0
pas_valide ELF ARM - Heap Off-by-One 1% 35 115 pickle 0
pas_valide ELF x64 - Remote Heap buffer overflow 1 1% 123 115 Tosh 0
pas_valide ELF x86 - Hardened binary 6 1% 228 115 sm0k 0
pas_valide ELF x86 - Hardened binary 7 1% 191 115 Tosh 0
pas_valide ELF x86 - Remote stack buffer overflow - Hardened 1% 111 115 franb 0
pas_valide LinKern x64 - RowHammer 1% 40 115 pickle 0
pas_valide LinKern x64 - SLUB off-by-one 1% 23 115 Tosh 0
pas_valide ELF ARM - Heap buffer overflow - Wilderness 1% 23 120 pickle 0
pas_valide ELF ARM - Heap Overflow 1% 25 120 pickle 0
pas_valide ELF x64 - Seccomp Whitelist 1% 38 120 pickle 0
pas_valide ELF x86 - Blind ROP 1% 89 120 franb 0
pas_valide Linkern x64 - Memory exploration 1% 73 120 franb 0
pas_valide WinKern x64 - Advanced stack buffer overflow - ROP 1% 6 120 __syscall, Synacktiv 0
pas_valide WinKern x64 - Use After Free 1% 5 120 __syscall, Synacktiv 0
pas_valide ELF x64 - Remote Heap buffer overflow 2 1% 89 130 Tosh, Fritz 0
pas_valide ELF x64 - Blind ROP 1% 57 135 franb 0
pas_valide ELF x64 - Browser exploit - BitString 1% 19 135 pickle 0