ELF x64 - Remote Heap buffer overflow 1

115 Points  

Heap overflow exploitation (ptmalloc2/glibc)

Author

Tosh,  

Level  Difficulty

Validations

86 Challengers 1%

Note  Notation

1
2
3
4
5
22 Votes
To reach this part of the site please login

Solution 2 Solutions

Display solutions Submit a solution

Challenge Results Challenge Results

Pseudo Challenge Lang date
Jrmbt   ELF x64 - Remote Heap buffer overflow 1 fr 7 November 2018 at 13:38
Tomtombinary   ELF x64 - Remote Heap buffer overflow 1 fr 6 November 2018 at 13:27
venom   ELF x64 - Remote Heap buffer overflow 1 en 21 October 2018 at 18:27
SolidSnake   ELF x64 - Remote Heap buffer overflow 1 fr 18 August 2018 at 16:36
philomath213   ELF x64 - Remote Heap buffer overflow 1 en 7 August 2018 at 23:06
Taryax   ELF x64 - Remote Heap buffer overflow 1 fr 25 July 2018 at 12:19
chmod   ELF x64 - Remote Heap buffer overflow 1 en 17 July 2018 at 11:41
ex0ns   ELF x64 - Remote Heap buffer overflow 1 fr 14 July 2018 at 01:34
scryh   ELF x64 - Remote Heap buffer overflow 1 en 5 July 2018 at 08:19
Pwny   ELF x64 - Remote Heap buffer overflow 1 en 13 June 2018 at 05:52

Challenges associated with this section 64 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide ELF x86 - Stack buffer overflow basic 1 9% 8922 5 Lyes 11
pas_valide ELF x86 - Stack buffer overflow basic 2 7% 6792 10 Lyes 9
pas_valide ELF x86 - Format string bug basic 1 5% 4612 15 Lu33Y 4
pas_valide ELF x64 - Stack buffer overflow - basic 4% 3294 20 Arod 4
pas_valide ELF x86 - Format string bug basic 2 3% 2240 20 Lyes 5
pas_valide ELF x86 - Race condition 4% 3212 20 Lu33Y 8
pas_valide ELF ARM - Stack buffer overflow - basic 1% 409 25 pickle 7
pas_valide ELF MIPS - Stack buffer overflow - No NX 1% 41 25 franb 1
pas_valide ELF x86 - Stack buffer overflow basic 3 3% 2221 25 Lyes 2
pas_valide ELF ARM - Stack Spraying 1% 97 30 pickle 3
pas_valide ELF x86 - BSS buffer overflow 3% 2597 30 Lu33Y 6
pas_valide ELF x86 - Stack buffer overflow basic 4 2% 1711 30 Lu33Y 4
pas_valide ELF x86 - Stack buffer overflow basic 6 2% 1224 30 TiWim 4
pas_valide ELF x86 - Format String Bug Basic 3 1% 601 35 Lyes 2
pas_valide ELF ARM - Basic ROP 1% 174 40 pickle 3
pas_valide ELF MIPS - Basic ROP 1% 23 40 dagger 0
pas_valide ELF x86 - Stack buffer overflow - C++ vtables 1% 429 40 sebbb 2
pas_valide ELF x64 - Logic bug 1% 72 50 sbrk 2
pas_valide ELF x86 - Bug Hunting - Several issues 1% 32 50 sbrk 0
pas_valide ELF x86 - Stack buffer and integer overflow 2% 1299 50 Lu33Y 3
pas_valide ELF x86 - Stack buffer overflow basic 5 2% 1206 50 Lu33Y 1
pas_valide ELF x64 - Stack buffer overflow - advanced 1% 573 55 Arod 3
pas_valide ELF MIPS - Format String Glitch 1% 12 60 pickle, martin 0
pas_valide ELF x86 - Information leakage with Stack Smashing Protector 1% 473 60 Arod 2
pas_valide ELF ARM - Race condition 1% 60 70 pickle 1
pas_valide ELF x64 - Browser exploit - Intro 1% 10 70 pickle 0
pas_valide ELF x86 - Out of bounds attack - French Paradox 1% 50 70 sbrk 2
pas_valide ELF x86 - Remote BSS buffer overflow 1% 581 75 Tosh 1
pas_valide ELF x86 - Remote Format String bug 1% 707 75 Tosh 2
pas_valide ELF x64 - Remote heap buffer overflow - fastbin 1% 127 80 franb 1
pas_valide ELF x86 - Blind remote format string bug 1% 174 80 Lyes 0
pas_valide LinKern ARM - vulnerable syscall 1% 49 85 pickle 0
pas_valide LinKern x86 - Buffer overflow basic 1 1% 224 85 franb 1
pas_valide LinKern x86 - Null pointer dereference 1% 229 90 franb 0
pas_valide LinKern x64 - Race condition 1% 156 95 franb 0
pas_valide ELF ARM - Alphanumeric shellcode 1% 19 100 pickle 2
pas_valide ELF MIPS - URLEncoded Format String bug 1% 4 100 pickle 0
pas_valide ELF x86 - Hardened binary 1 1% 442 100 sm0k 2
pas_valide ELF x86 - Hardened binary 2 1% 347 100 sm0k 2
pas_valide ELF x86 - Hardened binary 3 1% 221 100 sm0k 1
pas_valide ELF x86 - Hardened binary 4 1% 244 100 sm0k 2
pas_valide LinKern MIPSel - Vulnerable ioctl 1% 8 100 pickle 0
pas_valide LinKern x64 - reentrant code 1% 83 100 franb 1
pas_valide ELF ARM - Heap format string bug 1% 35 105 franb 0
pas_valide ELF x64 - Sigreturn Oriented Programming 1% 147 105 Arod 2
pas_valide LinKern x86 - basic ROP 1% 118 110 franb 1
pas_valide ELF ARM - Format String bug 1% 41 110 pickle 0
pas_valide ELF ARM - Use After Free 1% 38 110 pickle 0
pas_valide ELF x64 - Heap feng-shui 1% 31 110 laxa 2
pas_valide ELF x64 - Off-by-one bug 1% 73 110 NeedToLearn 1
pas_valide ELF x86 - Hardened binary 5 1% 174 110 sm0k 1
pas_valide LinKern ARM - Stack Overflow 1% 19 110 pickle 0
pas_valide ELF ARM - Heap Off-by-One 1% 28 115 pickle 1
pas_valide ELF x64 - Remote Heap buffer overflow 1 1% 86 115 Tosh 2
pas_valide ELF x86 - Hardened binary 6 1% 168 115 sm0k 2
pas_valide ELF x86 - Hardened binary 7 1% 137 115 Tosh 2
pas_valide ELF x86 - Remote stack buffer overflow - Hardened 1% 68 115 franb 1
pas_valide ELF ARM - Heap buffer overflow - Wilderness 1% 18 120 pickle 1
pas_valide ELF ARM - Heap Overflow 1% 21 120 pickle 0
pas_valide ELF x64 - Seccomp Whitelist 1% 25 120 pickle 0
pas_valide ELF x86 - Blind ROP 1% 41 120 franb 0
pas_valide Linkern x64 - Memory exploration 1% 49 120 franb 1
pas_valide ELF x64 - Remote Heap buffer overflow 2 1% 63 130 Tosh, Fritz 1
pas_valide ELF x64 - Blind ROP 1% 22 135 franb 1