App - System App - System

These challenges will help you understand applicative vulnerabilities.

Login credentials are provided for different challenge, the goal is to obtain additional rights by exploiting program’s weaknesses and get a password to validate challs on the portal.

Prerequisite:
 GDB.
 Knowledges in ASM.
 Knowledges in C language.

challenges 89 Challenges

Results Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution Date
pas_valide ELF x86 - Stack buffer overflow basic 1 7% 22782 5 Lyes 11 25 March 2015
pas_valide ELF x86 - Hardened binary 3 1% 378 100 sm0k 1 11 February 2012
pas_valide ELF x64 - Heap feng-shui 1% 94 110 laxa 2 4 August 2017
pas_valide ELF x64 - FILE structure hijacking 1% 63 110 voydstack 3 27 May 2021
pas_valide ELF ARM - Use After Free 1% 105 110 pickle 0 22 March 2017
pas_valide ELF ARM - Format String bug 1% 92 110 pickle 2 14 March 2017
pas_valide ELF ARM - Heap format string bug 1% 84 105 franb 1 3 June 2017
pas_valide LinKern x64 - reentrant code 1% 194 100 franb 2 1 March 2016
pas_valide LinKern MIPSel - Vulnerable ioctl 1% 67 100 pickle 0 23 October 2018
pas_valide ELF x86 - Hardened binary 4 1% 449 100 sm0k 2 11 February 2012
pas_valide ELF x86 - Hardened binary 2 1% 639 100 sm0k 3 11 February 2012
pas_valide ELF x86 - Hardened binary 5 1% 351 110 sm0k 1 11 February 2012
pas_valide ELF x86 - Hardened binary 1 1% 799 100 sm0k 3 11 February 2012
pas_valide ELF x64 - Blind SROP 1% 7 100 s1m 0 28 December 2023
pas_valide ELF MIPS - URLEncoded Format String bug 1% 37 100 pickle 0 7 October 2018
pas_valide ELF ARM - Alphanumeric shellcode 1% 48 100 pickle 2 16 March 2017
pas_valide LinKern x64 - Race condition 1% 348 95 franb 3 16 February 2016
pas_valide LinKern x86 - Null pointer dereference 1% 512 90 franb 1 16 February 2016
pas_valide ELF x64 - Sigreturn Oriented Programming 1% 289 90 Arod 4 25 June 2015
pas_valide LinKern x86 - Buffer overflow basic 1 1% 538 85 franb 3 16 February 2016
pas_valide ELF x64 - Off-by-one bug 1% 155 110 NeedToLearn 3 19 May 2016
pas_valide LinKern ARM - Stack Overflow 1% 67 110 pickle 0 24 July 2017
pas_valide ELF x86 - Blind remote format string bug 1% 330 80 Lyes 2 8 June 2015
pas_valide ELF x64 - Seccomp Whitelist 1% 81 120 pickle 0 3 June 2017
pas_valide ELF x64 - Browser exploit - BitString 1% 38 135 pickle 0 15 December 2018
pas_valide ELF x6