Anwendung - System Anwendung - System

Diese Herausforderungen werden Ihnen helfen, die Schwachstellen von Anwendungen zu verstehen.

Das Ziel ist es, zusätzliche Rechte zu erhalten, indem die Schwächen des Programms ausgenutzt werden und ein Kennwort zur Validierung von Aufrufen auf dem Portal erhalten wird.

Voraussetzung ist:
 GDB.
 Kenntnisse in ASM.
 Kenntnisse in der Sprache C.

challenges 84 Übungen

Ergebnis Name Validierung Anzahl der Punkte  Erklärung der Punktevergabe Schwierigkeitsgrad  Schwierigkeitsgrad Autor Bewertung  Bewertung Musterlösung date
pas_valide ELF x64 - Browser exploit - BitString 1% 31 135 pickle 0 15. Dezember 2018
pas_valide LinKern MIPSel - Vulnerable ioctl 1% 52 100 pickle 0 23. Oktober 2018
pas_valide ELF x64 - Heap feng-shui 1% 69 110 laxa 0 4. August 2017
pas_valide ELF x64 - FILE structure hijacking 1% 32 110 voydstack 0 27. Mai 2021
pas_valide ELF ARM - Use After Free 1% 89 110 pickle 0 22. März 2017
pas_valide ELF ARM - Format String bug 1% 84 110 pickle 0 14. März 2017
pas_valide ELF x64 - Sigreturn Oriented Programming 1% 247 105 Arod 0 25. Juni 2015
pas_valide ELF ARM - Heap format string bug 1% 75 105 franb 0 3. Juni 2017
pas_valide LinKern x64 - reentrant code 1% 165 100 franb 0 1. März 2016
pas_valide ELF x86 - Hardened binary 4 1% 391 100 sm0k 0 11. Februar 2012
pas_valide ELF x86 - Hardened binary 5 1% 299 110 sm0k 0 11. Februar 2012
pas_valide ELF x86 - Hardened binary 3 1% 341 100 sm0k 0 11. Februar 2012
pas_valide ELF x86 - Hardened binary 2 1% 557 100 sm0k 0 11. Februar 2012
pas_valide ELF x86 - Hardened binary 1 1% 707 100 sm0k 0 11. Februar 2012
pas_valide ELF MIPS - URLEncoded Format String bug 1% 28 100 pickle 0 7. Oktober 2018
pas_valide ELF ARM - Alphanumeric shellcode 1% 40 100 pickle 0 16. März 2017
pas_valide LinKern x64 - Race condition 1% 297 95 franb 0 16. Februar 2016
pas_valide LinKern x86 - Null pointer dereference 1% 447 90 franb 0 16. Februar 2016
pas_valide LinKern x86 - Buffer overflow basic 1 1% 464 85 franb 0 16. Februar 2016
pas_valide ELF x64 - Off-by-one bug 1% 131 110 NeedToLearn 0 19. Mai 2016
pas_valide LinKern ARM - Stack Overflow 1% 57 110 pickle 0 24. Juli 2017
pas_valide ELF x86 - Blind remote format string bug 1% 296 80 Lyes 0 8. Juni 2015
pas_valide ELF x64 - Seccomp Whitelist 1% 59 120 pickle 0 3. Juni 2017
pas_valide ELF x64 - Blind ROP 1% 97 135 franb 0 10. März 2018
pas_valide ELF x64 - Advanced Heap Exploitation - Heap Leakless & Fortified 1% 21 135 nobodyisnobody 0 27. Mai 2021
pas_valide ELF x64 - Remote Heap buffer overflow 2 1% 122 130 Tosh 0 1. Juli 2015
pas_valide WinKern x64 - Use After Free 1% 18 120 __syscall 0 27. Januar 2020
pas_valide WinKern x64 - Advanced stack buffer overflow - ROP 1% 26 120 __syscall 0 27. Januar 2020
pas_valide LinKern x64 - Memory exploration 1% 114 120 franb 0 27. Juli 2016
pas_valide ELF x86 - Blind ROP 1% 129 120 franb 0 9. Oktober 2016
pas_valide ELF ARM - Heap Overflow 1% 41 120 pickle 0 2. April 2017
pas_valide LinKern x86 - basic ROP 1% 244 110 franb 0 6. Mai 2016
pas_valide ELF ARM - Heap buffer overflow - Wilderness 1% 33 120 pickle 0 25. März 2017
pas_valide LinKern x64 - SLUB off-by-one 1% 61 115 Tosh 0 9. Mai 2019
pas_valide LinKern x64 - RowHammer 1% 75 115 pickle 0 17. März 2019
pas_valide ELF x86 - Remote stack buffer overflow - Hardened 1% 156 115 franb 0 17. August 2016
pas_valide ELF x86 - Hardened binary 7 1% 232 115 Tosh 0 21. Januar 2013
pas_valide ELF x86 - Hardened binary 6 1% 281 115 sm0k 0 11. Februar 2012
pas_valide ELF x64 - Remote Heap buffer overflow 1 1% 162 115 Tosh 0 26. Juni 2015
pas_valide ELF ARM - Heap Off-by-One 1% 54 115 pickle 0 11. März 2017
pas_valide LinKern ARM - vulnerable syscall 1% 142 85 pickle 0 22. März 2017
pas_valide ELF x64 - Remote heap buffer overflow - fastbin 1% 267 80 franb 0 5. Februar 2017
pas_valide ELF x86 - Stack buffer overflow - C++ vtables 1% 805 40 sebbb 0 20. Juli 2015
pas_valide ELF x86 - Stack buffer overflow basic 4 1% 2619 30 Lu33Y 0 8. Februar 2012
pas_valide PE32+ Basic ROP 1% 50 75 Ech0 0 6. Dezember 2019
pas_valide ELF MIPS - Basic ROP 1% 131 40 dagger 0 7. Oktober 2018
pas_valide ELF ARM - Basic ROP 1% 660 40 pickle 0 11. März 2017
pas_valide PE32 - Advanced stack buffer overflow 1% 193 35 Ech0 0 3. Dezember 2019
pas_valide ELF x86 - Format String Bug Basic 3 1% 1140 35 Lyes 0 27. Mai 2015
pas_valide ELF x86 - Format string bug basic 1 4% 8580 15 Lu33Y 0 8. Februar 2012
pas_valide ELF x64 - Stack buffer overflow - basic 3% 6613 20 Arod 0 31. Mai 2015
pas_valide PE32 - Stack buffer overflow basic 1% 1598 10 Ech0 0 3. Dezember 2019
pas_valide ELF x64 - Stack buffer overflow - PIE 1% 588 30 HomardBoy 0 26. März 2021
pas_valide ELF ARM - Stack Spraying 1% 227 30 pickle 0 2. April 2017
pas_valide ELF x86 - Use After Free - basic 1% 1405 25 Esad 0 26. Mai 2019
pas_valide ELF x86 - Stack buffer overflow basic 3 2% 4341 25 Lyes 0 10. April 2015
pas_valide ELF x64 - Double free 1% 486 25 Esad 0 23. März 2021
pas_valide ELF MIPS - Stack buffer overflow - No NX 1% 439 25 franb 0 28. September 2018
pas_valide PE32+ Format string bug 1% 84 45 Ech0 0 3. Dezember 2019
pas_valide ELF x86 - Bug Hunting - Several issues 1% 101 50 sbrk 0 19. Januar 2018
pas_valide ELF x86 - Race condition 3% 5631 20 Lu33Y 0 8. Februar 2012
pas_valide ELF x64 - Browser exploit - Intro 1% 73 70 pickle 0 2. November 2018
pas_valide ELF x86 - Remote Format String bug 1% 926 75 Tosh 0 6. Februar 2012
pas_valide ELF x86 - Remote BSS buffer overflow 1% 731 75 Tosh 0 6. Februar 2012
pas_valide ELF x86 - Out of bounds attack - French Paradox 1% 103 70 sbrk 0 17. September 2017
pas_valide ELF x64 - ret2dl_init 1% 27 70 kikko 0 27. Mai 2021
pas_valide ELF x64 - Heap Safe-Linking Bypass 1% 32 70 nobodyisnobody 0 22. Oktober 2021
pas_valide ELF x64 - Buggy VM 1% 32 70 NonStandardModel 0 10. Juni 2022
pas_valide ELF ARM - Race condition 1% 127 70 pickle 0 3. Juni 2017
pas_valide ELF x86 - Stack buffer and integer overflow 1% 1797 50 Lu33Y 0 8. Februar 2012
pas_valide ELF x64 - File Structure Hacking 1% 51 65 nobodyisnobody 0 27. Mai 2021
pas_valide ELF x86 - Information leakage with Stack Smashing Protector 1% 816 60 Arod 0 20. Mai 2015
pas_valide ELF x64 - Heap Filling 1% 44 60 voydstack 0 27. Mai 2021
pas_valide ELF MIPS - Format String Glitch 1% 59 60 pickle 0 21. Oktober 2018
pas_valide ELF x64 - Stack buffer overflow - advanced 1% 1215 55 Arod 0 5. Juni 2015
pas_valide ELF x86 - Stack buffer overflow basic 5 1% 1670 50 Lu33Y 0 8. Februar 2012
pas_valide ELF x86 - Stack buffer overflow - ret2dl_resolve 1% 271 50 kikko 0 28. Februar 2019
pas_valide ELF x86 - Format string bug basic 2 2% 4353 20 Lyes 0 8. April 2015
pas_valide ELF x86 - Stack buffer overflow basic 2 6% 13614 10 Lyes 1 10. April 2015
pas_valide ELF ARM - Stack buffer overflow - basic 1% 1220 25 pickle 1 9. März 2017
pas_valide ELF x86 - BSS buffer overflow 2% 3805 30 Lu33Y 1 8. Februar 2012
pas_valide ELF x86 - Stack buffer overflow basic 6 1% 2589 30 TiWim 1 10. März 2016
pas_valide ELF x64 - Logic bug 1% 180 50 sbrk 1 8. Juli 2017
pas_valide ELF x86 - Stack buffer overflow basic 1 8% 19014 5 Lyes 3 25. März 2015

Ergebnisse der Übungen Ergebnisse der Übungen

Nickname Übungen Sprache date
pedrosensei App - Système  PE32 - Stack buffer overflow basic fr 1. Oktober 2022 zu  18:17
pedrosensei App - Système  ELF x64 - Stack buffer overflow - PIE fr 1. Oktober 2022 zu  17:20
WooT App - Système  ELF x86 - Hardened binary 2 fr 1. Oktober 2022 zu  04:12
채르 App - System  ELF x64 - Stack buffer overflow - basic en 1. Oktober 2022 zu  04:04
edrflt App - Système  ELF x86 - Format string bug basic 1 fr 1. Oktober 2022 zu  02:48
Tom App - System  PE32+ Basic ROP en 1. Oktober 2022 zu  01:14
syndraum App - Système  ELF x86 - Stack buffer overflow basic 2 fr 30. September 2022 zu  23:56
RRRectioniz App - System  ELF x86 - Race condition en 30. September 2022 zu  23:31
LaGelee App - Système  ELF x86 - Stack buffer overflow basic 3 fr 30. September 2022 zu  23:25
RRRectioniz App - System  ELF x86 - Format string bug basic 2 en 30. September 2022 zu  22:23