App - System

These challenges will help you understand applicative vulnerabilities.

Login credentials are provided for different challenge, the goal is to obtain additional rights by exploiting program’s weaknesses and get a password to validate challs on the portal.

Prerequisite:
- GDB.
- Knowledges in ASM.
- Knowledges in C language.

Challenges associated with this section 38 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide ELF32 - Stack buffer overflow basic 1 9% 3540 5 Lyes 10
pas_valide ELF32 - Stack buffer overflow basic 2 7% 2754 10 Lyes 5
pas_valide ELF32 - Format string bug basic 1 6% 2195 15 Lu33Y 2
pas_valide ELF32 - Format string bug basic 2 3% 1034 20 Lyes 4
pas_valide ELF32 - Race condition 4% 1676 20 Lu33Y 5
pas_valide ELF64 - Stack buffer overflow - basic 3% 1278 20 Arod 1
pas_valide ELF32 - Stack buffer overflow basic 3 3% 1001 25 Lyes 2
pas_valide ELF32 - BSS buffer overflow 4% 1664 30 Lu33Y 4
pas_valide ELF32 - Stack buffer overflow basic 4 3% 1058 30 Lu33Y 1
pas_valide ELF32 - Stack buffer overflow basic 6 2% 508 30 TiWim 2
pas_valide ELF32 - Format String Bug Basic 3 1% 335 35 Lyes 2
pas_valide ELF32 - Stack buffer overflow - C++ vtables 1% 228 40 sebbb 0
pas_valide ELF32 - Stack buffer and integer overflow 2% 861 50 Lu33Y 2
pas_valide ELF32 - Stack buffer overflow basic 5 2% 788 50 Lu33Y 1
pas_valide ELF64 - Stack buffer overflow - advanced 1% 288 55 Arod 0
pas_valide ELF32 - Information leakage with Stack Smashing Protector 1% 241 60 Arod 2
pas_valide ELF32 - Remote BSS buffer overflow 1% 419 75 Tosh 1
pas_valide ELF32 - Remote Format String bug 2% 478 75 Tosh 1
pas_valide ELF32 - Blind remote format string bug 1% 111 80 Lyes 0
pas_valide LinKern32 - Buffer overflow basic 1 1% 119 85 franb 0
pas_valide LinKern32 - Null pointer dereference 1% 119 90 franb 0
pas_valide LinKern64 - Race condition 1% 83 95 franb 0
pas_valide Hardened binary 1 1% 310 100 sm0k 0
pas_valide Hardened binary 2 1% 223 100 sm0k 0
pas_valide Hardened binary 3 1% 158 100 sm0k 1
pas_valide Hardened binary 4 1% 163 100 sm0k 0
pas_valide LinKern64 - reentrant code 1% 59 100 franb 1
pas_valide ELF64 - Sigreturn Oriented Programming 1% 71 105 Arod 0
pas_valide LinKern32 - basic ROP 1% 52 110 franb 0
pas_valide ELF64 - Off-by-one bug 1% 33 110 NeedToLearn 0
pas_valide Hardened binary 5 1% 111 110 sm0k 1
pas_valide ELF32 - Remote stack buffer overflow - Hardened 1% 31 115 franb 0
pas_valide ELF64 - Remote Heap buffer overflow 1 1% 56 115 Tosh 1
pas_valide Hardened binary 6 1% 110 115 sm0k 1
pas_valide Hardened binary 7 1% 90 115 Tosh 2
pas_valide ELF - Blind ROP 1% 19 120 franb 0
pas_valide Linkern64 - Memory exploration 1% 25 120 franb 1
pas_valide ELF64 - Remote Heap buffer overflow 2 1% 42 130 Tosh, Fritz 1

Challenge Results Challenge Results