Tag: stack-buffer-overflow (20)

final pokemon player

Vulnerability: toc-tou race condition -> out-of-bound write; arbitrary function pointer -> stack buffer overflow using gets()

pwn - Story Contest

It’s time for you to tell your best story, and maybe you’ll be rewarded accordingly. Good luck !

Vulnerability: toc-tou race condition -> stack buffer overflow - improper length check in read()

pwn - 1149 - Repeat Service

Repeat Service is a convenient service that allows you to enter a string and output it over and over again....

Vulnerability: stack buffer overflow - improper dest check in memcpy()

pwn - 621 - Sea of Stack

Throw the flag at sea. It's so deep that no one can find it.

Vulnerability: stack buffer overflow - improper length check in read()

PWN3

Vulnerability: stack buffer overflow - improper length check in read()

PWN1

Vulnerability: stack buffer overflow - improper length check in fget() / heap buffer overflow - improper length check in memcpy()

pwn - Crash

I have received a crash report from my server service and I lost my access to the server. The initial...

Vulnerability: format string bug; stack buffer overflow

pwn - HeapNote Revenge

I wrote another heap note app and I think it's safe this time. Can you prove me wrong and get...

Vulnerability: integer vulnerability - signed and unsigned conversion -> stack buffer overflow - improper length check

Reproducing CVE-2022-0324: Buffer Overflow in dhcp6relay of SONiC

CVE-2022-0324 is a stack buffer overflow vulnerability in the memcpy function within the DHCPv6 relay server of the SONiC network...

Vulnerability: stack buffer overflow - improper length check in read()

pwn - Contractor

Sir Alaric calls upon the bravest adventurers to join him in assembling the mightiest army in all of Eldoria. Together,...

Vulnerability: stack buffer overflow - improper length check in read()

pwn - Crossbow

Sir Alaric's legendary shot can pierce through any enemy! Join his training and hone your aim to match his unparalleled...

Vulnerability: out-of-bound write -> stack pivot

pwn - Laconic

Sir Alaric's struggles have plunged him into a deep and overwhelming sadness, leaving him unwilling to speak to anyone. Can...

Vulnerability: stack buffer overflow - improper length check in read()

pwn - Hanoi Convention

Can you answer all these questions?

Vulnerability: stack buffer overflow - improper length check in read(), strcpy(); format string bug

pwn - lotto

Vulnerability: stack buffer overflow - improper length check in memcpy()

pwn - ROP

Vulnerability: stack buffer overflow - improper length check in read()

pwn - RUN NOW

Run run run!!!

Vulnerability: stack buffer overflow - improper length check in strcpy()

pwn - buffer overflow 23

Control the return address and arguments | Do you think you can bypass the protection and get the flag?

Vulnerability: stack buffer overflow

pwn - babygame02

Break the game and get the flag.

Vulnerability: stack buffer overflow

pwn - babygame03

Break the game and get the flag.Welcome to BabyGame 03! Navigate around the map and see what you can find!...

pwn - format string 0123

Can you use your knowledge of format strings to make the customers happy? | Patrick and Sponge Bob were really...