2 Solutions

Challenge Results

Pseudo	Challenge	Lang	date
notreality	LinKern x64 - SLUB off-by-one		30 December 2020 at 12:21
cyberknight	LinKern x64 - SLUB off-by-one		19 December 2020 at 19:37
MaoKo	LinKern x64 - SLUB off-by-one		8 December 2020 at 22:45
knacky	LinKern x64 - SLUB off-by-one		3 October 2020 at 20:52
awe	LinKern x64 - SLUB off-by-one		13 September 2020 at 11:10
hexabeast	LinKern x64 - SLUB off-by-one		29 August 2020 at 17:18
n0psledbyte	LinKern x64 - SLUB off-by-one		16 August 2020 at 05:08
Baptiste M. (Creased)	LinKern x64 - SLUB off-by-one		31 July 2020 at 17:17
neokz	LinKern x64 - SLUB off-by-one		29 June 2020 at 06:01
w0_	LinKern x64 - SLUB off-by-one		26 June 2020 at 15:25

0
10
20
30

75 Challenges

Results	Name	Validations	Number of points	Difficulty	Author	Note	Solution
	ELF x86 - Stack buffer overflow basic 1	8% 15506	5		Lyes		11
	ELF x86 - Stack buffer overflow basic 2	6% 11073	10		Lyes		10
	PE32 - Stack buffer overflow basic	1% 752	10		Ech0		7
	ELF x86 - Format string bug basic 1	4% 7161	15		Lu33Y		5
	ELF x64 - Stack buffer overflow - basic	3% 5490	20		Arod		6
	ELF x86 - Format string bug basic 2	2% 3598	20		Lyes		5
	ELF x86 - Race condition	3% 4874	20		Lu33Y		9
	ELF ARM - Stack buffer overflow - basic	1% 1024	25		pickle		7
	ELF MIPS - Stack buffer overflow - No NX	1% 322	25		franb		2
	ELF x86 - Stack buffer overflow basic 3	2% 3594	25		Lyes		3
	ELF x86 - Use After Free - basic	1% 1016	25		Esad		3
	ELF ARM - Stack Spraying	1% 178	30		pickle		4
	ELF x86 - BSS buffer overflow	2% 3442	30		Lu33Y		7
	ELF x86 - Stack buffer overflow basic 4	2% 2265	30		Lu33Y		5
	ELF x86 - Stack buffer overflow basic 6	2% 2102	30		TiWim		5
	ELF x86 - Format String Bug Basic 3	1% 946	35		Lyes		2
	PE32 - Advanced stack buffer overflow	1% 122	35		Ech0		4
	ELF ARM - Basic ROP	1% 521	40		pickle		5
	ELF MIPS - Basic ROP	1% 96	40		dagger		1
	ELF x86 - Stack buffer overflow - C++ vtables	1% 670	40		sebbb		2
	PE32+ Format string bug	1% 57	45		Ech0		1
	ELF x64 - Logic bug	1% 148	50		sbrk		3
	ELF x86 - Bug Hunting - Several issues	1% 78	50		sbrk		2
	ELF x86 - Stack buffer and integer overflow	1% 1628	50		Lu33Y		3
	ELF x86 - Stack buffer overflow - ret2dl_resolve	1% 161	50		kikko		0
	ELF x86 - Stack buffer overflow basic 5	1% 1486	50		Lu33Y		1
	ELF x64 - Stack buffer overflow - advanced	1% 986	55		Arod		4
	ELF MIPS - Format String Glitch	1% 42	60		pickle, martin		1
	ELF x86 - Information leakage with Stack Smashing Protector	1% 711	60		Arod		2
	ELF ARM - Race condition	1% 106	70		pickle		1
	ELF x64 - Browser exploit - Intro	1% 62	70		pickle		1
	ELF x86 - Out of bounds attack - French Paradox	1% 89	70		sbrk		3
	ELF x86 - Remote BSS buffer overflow	1% 684	75		Tosh		1
	ELF x86 - Remote Format String bug	1% 846	75		Tosh		2
	PE32+ Basic ROP	1% 30	75		Ech0		0
	ELF x64 - Remote heap buffer overflow - fastbin	1% 227	80		franb		1
	ELF x86 - Blind remote format string bug	1% 253	80		Lyes		2
	LinKern ARM - vulnerable syscall	1% 107	85		pickle		0
	LinKern x86 - Buffer overflow basic 1	1% 372	85		franb		3
	LinKern x86 - Null pointer dereference	1% 370	90		franb		0
	LinKern x64 - Race condition	1% 230	95		franb		1
	ELF ARM - Alphanumeric shellcode	1% 35	100		pickle		2
	ELF MIPS - URLEncoded Format String bug	1% 20	100		pickle		0
	ELF x86 - Hardened binary 1	1% 610	100		sm0k		3
	ELF x86 - Hardened binary 2	1% 485	100		sm0k		3
	ELF x86 - Hardened binary 3	1% 299	100		sm0k		1
	ELF x86 - Hardened binary 4	1% 335	100		sm0k		2
	LinKern MIPSel - Vulnerable ioctl	1% 35	100		pickle		0
	LinKern x64 - reentrant code	1% 126	100		franb		2
	ELF ARM - Heap format string bug	1% 65	105		franb		1
	ELF x64 - Sigreturn Oriented Programming	1% 204	105		Arod		4
	ELF ARM - Format String bug	1% 75	110		pickle		2
	ELF ARM - Use After Free	1% 77	110		pickle		0
	ELF x64 - Heap feng-shui	1% 56	110		laxa		2
	ELF x64 - Off-by-one bug	1% 111	110		NeedToLearn		2
	ELF x86 - Hardened binary 5	1% 257	110		sm0k		1
	LinKern ARM - Stack Overflow	1% 44	110		pickle		0
	LinKern x86 - basic ROP	1% 187	110		franb		2
	ELF ARM - Heap Off-by-One	1% 49	115		pickle		1
	ELF x64 - Remote Heap buffer overflow 1	1% 138	115		Tosh		3
	ELF x86 - Hardened binary 6	1% 238	115		sm0k		3
	ELF x86 - Hardened binary 7	1% 201	115		Tosh		3
	ELF x86 - Remote stack buffer overflow - Hardened	1% 122	115		franb		1
	LinKern x64 - RowHammer	1% 52	115		pickle		1
	LinKern x64 - SLUB off-by-one	1% 34	115		Tosh		2
	ELF ARM - Heap buffer overflow - Wilderness	1% 30	120		pickle		1
	ELF ARM - Heap Overflow	1% 37	120		pickle		1
	ELF x64 - Seccomp Whitelist	1% 44	120		pickle		0
	ELF x86 - Blind ROP	1% 102	120		franb		0
	Linkern x64 - Memory exploration	1% 81	120		franb		1
	WinKern x64 - Advanced stack buffer overflow - ROP	1% 16	120		__syscall, Synacktiv		1
	WinKern x64 - Use After Free	1% 10	120		__syscall, Synacktiv		0
	ELF x64 - Remote Heap buffer overflow 2	1% 103	130		Tosh, Fritz		1
	ELF x64 - Blind ROP	1% 72	135		franb		1
	ELF x64 - Browser exploit - BitString	1% 24	135		pickle		0

LinKern x64 - SLUB off-by-one

115 Points

Exploit an off-by-one on this vulnerable module

Author

Level

Validations

Note

2 Solutions

Challenge Results

75 Challenges