Viettel Cyber Security

CTF > Viettel Cyber Security > VCS Passport 2025

final pokemon player

Vulnerability: toc-tou race condition -> out-of-bound write; arbitrary function pointer -> stack buffer overflow using gets()

toc-tou race-condition sink-to-source return-address-overwrite return-oriented-programming stack-buffer-overflow out-of-bound
December 30, 2025 December 20, 2025 Medium
CTF > Viettel Cyber Security > VCS Passport 2025

pwn

Vulnerability: heap buffer overflow - improper length check in read()

heap-exploitation heap-buffer-overflow tcache-poisoning return-address-overwrite return-oriented-programming
December 22, 2025 December 20, 2025 Medium
CTF > Viettel Cyber Security > VCS Passport 2025

node user

Vulnerability: heap buffer overflow - improper buffer check in read()

heap-buffer-overflow
December 22, 2025 December 20, 2025 Easy
CTF > Viettel Cyber Security > VCS Passport 2024

PWN3

Vulnerability: stack buffer overflow - improper length check in read()

got-overwrite stack-buffer-overflow
December 22, 2025 December 12, 2025 Medium
CTF > Viettel Cyber Security > VCS Passport 2024

PWN2

Vulnerability: use after free - dangling pointer

use-after-free heap-exploitation
December 22, 2025 December 12, 2025 Easy
CTF > Viettel Cyber Security > VCS Passport 2024

PWN1

Vulnerability: stack buffer overflow - improper length check in fget() / heap buffer overflow - improper length check in memcpy()

heap-buffer-overflow stack-buffer-overflow bypass-stack-canary return-address-overwrite
December 22, 2025 December 12, 2025 Medium
There are 6 pages in this directory.