App - System

These challenges will help you understand applicative vulnerabilities.

Login credentials are provided for different challenge, the goal is to obtain additional rights by exploiting program’s weaknesses and get a password to validate challs on the portal.

Prerequisite:
- GDB.
- Knowledges in ASM.
- Knowledges in C language.

Challenges associated with this section 52 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide ELF x86 - Stack buffer overflow basic 1 9% 4838 5 Lyes 8
pas_valide ELF x86 - Stack buffer overflow basic 2 7% 3754 10 Lyes 4
pas_valide ELF x86 - Format string bug basic 1 5% 2769 15 Lu33Y 7
pas_valide ELF x64 - Stack buffer overflow - basic 4% 1766 20 Arod 6
pas_valide ELF x86 - Format string bug basic 2 3% 1298 20 Lyes 3
pas_valide ELF x86 - Race condition 4% 2085 20 Lu33Y 11
pas_valide ELF ARM - Stack buffer overflow - basic 1% 129 25 pickle 2
pas_valide ELF x86 - Stack buffer overflow basic 3 3% 1345 25 Lyes 4
pas_valide ELF ARM - Stack Spraying 1% 31 30 pickle 2
pas_valide ELF x86 - BSS buffer overflow 4% 1966 30 Lu33Y 4
pas_valide ELF x86 - Stack buffer overflow basic 4 3% 1252 30 Lu33Y 4
pas_valide ELF x86 - Stack buffer overflow basic 6 2% 699 30 TiWim 5
pas_valide ELF x86 - Format String Bug Basic 3 1% 422 35 Lyes 3
pas_valide ELF ARM - Basic ROP 1% 58 40 pickle 3
pas_valide ELF x86 - Stack buffer overflow - C++ vtables 1% 296 40 sebbb 5
pas_valide ELF x86 - Stack buffer and integer overflow 2% 1028 50 Lu33Y 3
pas_valide ELF x86 - Stack buffer overflow basic 5 2% 945 50 Lu33Y 4
pas_valide ELF x64 - Stack buffer overflow - advanced 1% 378 55 Arod 7
pas_valide ELF x86 - Information leakage with Stack Smashing Protector 1% 318 60 Arod 2
pas_valide ELF ARM - Race condition 1% 18 70 pickle 1
pas_valide ELF x86 - Remote BSS buffer overflow 1% 472 75 Tosh 3
pas_valide ELF x86 - Remote Format String bug 2% 567 75 Tosh 4
pas_valide ELF x64 - Remote heap buffer overflow - fastbin 1% 41 80 franb 2
pas_valide ELF x86 - Blind remote format string bug 1% 131 80 Lyes 4
pas_valide LinKern ARM - vulnerable syscall 1% 17 85 pickle 1
pas_valide LinKern x86 - Buffer overflow basic 1 1% 141 85 franb 2
pas_valide LinKern x86 - Null pointer dereference 1% 141 90 franb 1
pas_valide LinKern x64 - Race condition 1% 100 95 franb 1
pas_valide ELF ARM - Alphanumeric shellcode 1% 5 100 pickle 0
pas_valide ELF x86 - Hardened binary 1 1% 352 100 sm0k 5
pas_valide ELF x86 - Hardened binary 2 1% 265 100 sm0k 7
pas_valide ELF x86 - Hardened binary 3 1% 172 100 sm0k 4
pas_valide ELF x86 - Hardened binary 4 1% 180 100 sm0k 6
pas_valide LinKern x64 - reentrant code 1% 69 100 franb 1
pas_valide ELF ARM - Heap format string bug 1% 11 105 franb 1
pas_valide ELF x64 - Sigreturn Oriented Programming 1% 83 105 Arod 3
pas_valide LinKern x86 - basic ROP 1% 63 110 franb 4
pas_valide ELF ARM - Format String bug 1% 19 110 pickle 1
pas_valide ELF ARM - Use After Free 1% 14 110 pickle 1
pas_valide ELF x64 - Off-by-one bug 1% 44 110 NeedToLearn 3
pas_valide ELF x86 - Hardened binary 5 1% 124 110 sm0k 5
pas_valide ELF ARM - Heap Off-by-One 1% 15 115 pickle 1
pas_valide ELF x64 - Remote Heap buffer overflow 1 1% 61 115 Tosh 3
pas_valide ELF x86 - Hardened binary 6 1% 119 115 sm0k 5
pas_valide ELF x86 - Hardened binary 7 1% 101 115 Tosh 6
pas_valide ELF x86 - Remote stack buffer overflow - Hardened 1% 41 115 franb 3
pas_valide ELF - Blind ROP 1% 28 120 franb 4
pas_valide ELF ARM - Heap buffer overflow - Wilderness 1% 12 120 pickle 2
pas_valide ELF ARM - Heap Overflow 1% 13 120 pickle 1
pas_valide ELF x64 - Seccomp Whitelist 1% 8 120 pickle 1