ELF ARM - Heap Overflow

120 Points  

Can you pwn the heap without convenient pointers to overwrite?

Author

pickle,  

Level  Difficulty

Validations

18 Challengers 1%

Note  Notation

7 Votes
To reach this part of the site please login

Solution  Solution

Challenge Results Challenge Results

Pseudo Challenge Lang date
hTm1zZwW   ELF ARM - Heap Overflow en 24 February 2018 at 00:16
Kileak   ELF ARM - Heap Overflow en 20 February 2018 at 18:13
XeR   ELF ARM - Heap Overflow fr 4 February 2018 at 21:59
panda   ELF ARM - Heap Overflow fr 16 December 2017 at 17:50
esanfelix   ELF ARM - Heap Overflow en 23 July 2017 at 19:53
kikko   ELF ARM - Heap Overflow fr 15 June 2017 at 22:54
und3ath   ELF ARM - Heap Overflow fr 21 May 2017 at 18:19
aldebaran   ELF ARM - Heap Overflow fr 17 May 2017 at 23:16
NeedToLearn   ELF ARM - Heap Overflow fr 12 May 2017 at 16:28
Alkanor   ELF ARM - Heap Overflow fr 11 May 2017 at 17:30

Challenges associated with this section 58 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide ELF x86 - Stack buffer overflow basic 1 9% 7598 5 Lyes 11
pas_valide ELF x86 - Stack buffer overflow basic 2 7% 5852 10 Lyes 8
pas_valide ELF x86 - Format string bug basic 1 5% 3994 15 Lu33Y 4
pas_valide ELF x64 - Stack buffer overflow - basic 4% 2833 20 Arod 4
pas_valide ELF x86 - Format string bug basic 2 3% 1911 20 Lyes 5
pas_valide ELF x86 - Race condition 4% 2854 20 Lu33Y 8
pas_valide ELF ARM - Stack buffer overflow - basic 1% 320 25 pickle 5
pas_valide ELF x86 - Stack buffer overflow basic 3 3% 1959 25 Lyes 2
pas_valide ELF ARM - Stack Spraying 1% 76 30 pickle 3
pas_valide ELF x86 - BSS buffer overflow 3% 2407 30 Lu33Y 4
pas_valide ELF x86 - Stack buffer overflow basic 4 2% 1575 30 Lu33Y 4
pas_valide ELF x86 - Stack buffer overflow basic 6 2% 1069 30 TiWim 4
pas_valide ELF x86 - Format String Bug Basic 3 1% 545 35 Lyes 2
pas_valide ELF ARM - Basic ROP 1% 134 40 pickle 2
pas_valide ELF x86 - Stack buffer overflow - C++ vtables 1% 399 40 sebbb 2
pas_valide ELF x64 - Logic bug 1% 56 50 sbrk 1
pas_valide ELF x86 - Bug Hunting - Several issues 1% 23 50 sbrk 0
pas_valide ELF x86 - Stack buffer and integer overflow 2% 1228 50 Lu33Y 3
pas_valide ELF x86 - Stack buffer overflow basic 5 2% 1125 50 Lu33Y 1
pas_valide ELF x64 - Stack buffer overflow - advanced 1% 516 55 Arod 3
pas_valide ELF x86 - Information leakage with Stack Smashing Protector 1% 435 60 Arod 2
pas_valide ELF ARM - Race condition 1% 45 70 pickle 1
pas_valide ELF x86 - Out of bounds attack - French Paradox 1% 39 70 sbrk 1
pas_valide ELF x86 - Remote BSS buffer overflow 1% 555 75 Tosh 1
pas_valide ELF x86 - Remote Format String bug 1% 667 75 Tosh 2
pas_valide ELF x64 - Remote heap buffer overflow - fastbin 1% 100 80 franb 0
pas_valide ELF x86 - Blind remote format string bug 1% 166 80 Lyes 0
pas_valide LinKern ARM - vulnerable syscall 1% 44 85 pickle 0
pas_valide LinKern x86 - Buffer overflow basic 1 1% 207 85 franb 1
pas_valide LinKern x86 - Null pointer dereference 1% 208 90 franb 0
pas_valide LinKern x64 - Race condition 1% 140 95 franb 0
pas_valide ELF ARM - Alphanumeric shellcode 1% 17 100 pickle 2
pas_valide ELF x86 - Hardened binary 1 1% 416 100 sm0k 2
pas_valide ELF x86 - Hardened binary 2 1% 324 100 sm0k 2
pas_valide ELF x86 - Hardened binary 3 1% 211 100 sm0k 1
pas_valide ELF x86 - Hardened binary 4 1% 231 100 sm0k 2
pas_valide LinKern x64 - reentrant code 1% 79 100 franb 1
pas_valide ELF ARM - Heap format string bug 1% 30 105 franb 0
pas_valide ELF x64 - Sigreturn Oriented Programming 1% 132 105 Arod 2
pas_valide LinKern x86 - basic ROP 1% 110 110 franb 1
pas_valide ELF ARM - Format String bug 1% 38 110 pickle 0
pas_valide ELF ARM - Use After Free 1% 34 110 pickle 0
pas_valide ELF x64 - Heap feng-shui 1% 25 110 laxa 1
pas_valide ELF x64 - Off-by-one bug 1% 64 110 NeedToLearn 0
pas_valide ELF x86 - Hardened binary 5 1% 158 110 sm0k 1
pas_valide LinKern ARM - Stack Overflow 1% 17 110 pickle 0
pas_valide ELF ARM - Heap Off-by-One 1% 25 115 pickle 1
pas_valide ELF x64 - Remote Heap buffer overflow 1 1% 75 115 Tosh 1
pas_valide ELF x86 - Hardened binary 6 1% 151 115 sm0k 1
pas_valide ELF x86 - Hardened binary 7 1% 122 115 Tosh 2
pas_valide ELF x86 - Remote stack buffer overflow - Hardened 1% 53 115 franb 1
pas_valide ELF ARM - Heap buffer overflow - Wilderness 1% 16 120 pickle 0
pas_valide ELF ARM - Heap Overflow 1% 18 120 pickle 0
pas_valide ELF x64 - Seccomp Whitelist 1% 20 120 pickle 0
pas_valide ELF x86 - Blind ROP 1% 36 120 franb 0
pas_valide Linkern x64 - Memory exploration 1% 46 120 franb 1
pas_valide ELF x64 - Remote Heap buffer overflow 2 1% 56 130 Tosh, Fritz 1
pas_valide ELF x64 - Blind ROP 1% 14 135 franb 0