WinKern x64 - Stack buffer overflow avancé - ROP

120 Points  0x0

Reversez le driver, trouvez les vulnerabilités qu’il expose et exploitez les sur un système Windows 10, afin d’obtenir les privilèges SYSTEM

Auteur

__syscallSynacktiv,  

Niveau  Difficulté

Validations

4 Challengeurs 1%

Note  Notation

6 votes

Pour accéder à cette partie du site, veuillez vous authentifier

 75 Challenges

Résultats Nom Validations Nombre de points   Explications sur les scores Difficulté  Difficulté Auteur Note  Notation Solution
pas_valide ELF x86 - Stack buffer overflow basic 1 8% 13517 5 Lyes 9
pas_valide ELF x86 - Stack buffer overflow basic 2 6% 9772 10 Lyes 6
pas_valide PE32 - Stack buffer overflow basic 1% 334 10 Ech0 3
pas_valide ELF x86 - Format string bug basic 1 4% 6388 15 Lu33Y 7
pas_valide ELF x64 - Stack buffer overflow - basic 3% 4805 20 Arod 9
pas_valide ELF x86 - Format string bug basic 2 2% 3154 20 Lyes 7
pas_valide ELF x86 - Race condition 3% 4365 20 Lu33Y 11
pas_valide PE32+ Egg Hunter 1% 23 25 Ech0 1
pas_valide PE32 - Stack buffer overflow avancé 1% 61 25 Ech0 3
pas_valide ELF x86 - Use After Free - basic 1% 667 25 Esad 2
pas_valide ELF MIPS - Stack buffer overflow - No NX 1% 251 25 franb 4
pas_valide ELF ARM - Stack buffer overflow - basic 1% 838 25 pickle 5
pas_valide ELF x86 - Stack buffer overflow basic 3 2% 3162 25 Lyes 5
pas_valide ELF ARM - Stack Spraying 1% 149 30 pickle 5
pas_valide ELF x86 - BSS buffer overflow 2% 3157 30 Lu33Y 7
pas_valide ELF x86 - Stack buffer overflow basic 4 2% 2097 30 Lu33Y 4
pas_valide ELF x86 - Stack buffer overflow basic 6 2% 1845 30 TiWim 6
pas_valide ELF x86 - Format String Bug Basic 3 1% 833 35 Lyes 7
pas_valide ELF x86 - Stack buffer overflow - C++ vtables 1% 594 40 sebbb 6
pas_valide ELF ARM - Basic ROP 1% 422 40 pickle 4
pas_valide ELF MIPS - Basic ROP 1% 74 40 dagger 3
pas_valide ELF x64 - Logic bug 1% 128 50 sbrk 4
pas_valide ELF x86 - Bug Hunting - Plusieurs problèmes 1% 66 50 sbrk 4
pas_valide ELF x86 - Stack buffer and integer overflow 1% 1517 50 Lu33Y 4
pas_valide ELF x86 - Stack buffer overflow - ret2dl_resolve 1% 110 50 kikko 2
pas_valide ELF x86 - Stack buffer overflow basic 5 1% 1387 50 Lu33Y 5
pas_valide ELF x64 - Stack buffer overflow - avancé 1% 864 55 Arod 10
pas_valide ELF x86 - Information leakage with Stack Smashing Protector 1% 627 60 Arod 3
pas_valide ELF MIPS - Format String Glitch 1% 34 60 pickle, martin 3
pas_valide ELF ARM - Race condition 1% 91 70 pickle 4
pas_valide ELF x64 - Browser exploit - Intro 1% 48 70 pickle 2
pas_valide ELF x86 - Out of bounds attack - French Paradox 1% 75 70 sbrk 4
pas_valide ELF x86 - Remote BSS buffer overflow 1% 652 75 Tosh 4
pas_valide ELF x86 - Remote Format String bug 1% 803 75 Tosh 4
pas_valide PE32+ Basic ROP 1% 8 75 Ech0 2
pas_valide ELF x64 - Remote heap buffer overflow - fastbin 1% 197 80 franb 2
pas_valide ELF x86 - Blind remote format string bug 1% 220 80 Lyes 5
pas_valide LinKern ARM - syscall vulnérable 1% 85 85 pickle 3
pas_valide LinKern x86 - Buffer overflow basic 1 1% 319 85 franb 5
pas_valide LinKern x86 - Null pointer dereference 1% 329 90 franb 1
pas_valide LinKern x64 - Race condition 1% 200 95 franb 1
pas_valide ELF ARM - Shellcode alphanumérique 1% 26 100 pickle 1
pas_valide ELF MIPS - URLEncoded Format String bug 1% 16 100 pickle 2
pas_valide ELF x86 - Hardened binary 1 1% 556 100 sm0k 8
pas_valide ELF x86 - Hardened binary 2 1% 439 100 sm0k 9
pas_valide ELF x86 - Hardened binary 3 1% 277 100 sm0k 5
pas_valide ELF x86 - Hardened binary 4 1% 313 100 sm0k 10
pas_valide LinKern MIPSel - Vulnerable ioctl 1% 29 100 pickle 1
pas_valide LinKern x64 - code réentrant 1% 107 100 franb 1
pas_valide ELF ARM - Heap format string bug 1% 50 105 franb 2
pas_valide ELF x64 - Sigreturn Oriented Programming 1% 180 105 Arod 5
pas_valide ELF x86 - Hardened binary 5 1% 236 110 sm0k 9
pas_valide LinKern x86 - basic ROP 1% 158 110 franb 5
pas_valide LinKern ARM - Stack Overflow 1% 35 110 pickle 1
pas_valide ELF x64 - Off-by-one bug 1% 91 110 NeedToLearn 3
pas_valide ELF ARM - Use After Free 1% 58 110 pickle 1
pas_valide ELF ARM - Format String bug 1% 59 110 pickle 1
pas_valide ELF x64 - Heap feng-shui 1% 45 110 laxa 2
pas_valide ELF x86 - Remote stack buffer overflow - Hardened 1% 105 115 franb 4
pas_valide LinKern x64 - RowHammer 1% 36 115 pickle 1
pas_valide LinKern x64 - SLUB off-by-one 1% 23 115 Tosh 0
pas_valide ELF x86 - Hardened binary 7 1% 183 115 Tosh 7
pas_valide ELF x86 - Hardened binary 6 1% 218 115 sm0k 7
pas_valide ELF x64 - Remote Heap buffer overflow 1 1% 114 115 Tosh 3
pas_valide ELF ARM - Heap Off-by-One 1% 35 115 pickle 2
pas_valide ELF ARM - Heap buffer overflow - Wilderness 1% 23 120 pickle 2
pas_valide ELF ARM - Heap Overflow 1% 25 120 pickle 1
pas_valide ELF x64 - Seccomp Whitelist 1% 36 120 pickle 2
pas_valide ELF x86 - Blind ROP 1% 81 120 franb 6
pas_valide Linkern x64 - Memory exploration 1% 71 120 franb 5
pas_valide WinKern x64 - Stack buffer overflow avancé - ROP 1% 4 120 __syscall, Synacktiv 1
pas_valide WinKern x64 - Use After Free 1% 2 120 __syscall, Synacktiv 0
pas_valide ELF x64 - Remote Heap buffer overflow 2 1% 82 130 Tosh, Fritz 2
pas_valide ELF x64 - Blind ROP 1% 50 135 franb 1
pas_valide ELF x64 - Browser exploit - BitString 1% 17 135 pickle 3