Tag: tcache-poisoning (8)

CTF > WannaGame Championship > WannaGame Championship 2025

pwn - oop

Vulnerability: use after free - dangling pointer -> tcache poisoning

heap-exploitation use-after-free cpp tcache-poisoning return-oriented-programming return-address-overwrite
December 25, 2025 December 24, 2025 Hard
CTF > HackTheBox > HTB Cyber Apocalypse CTF 2023: The Cursed Mission

pwn - Runic

Pandora is close to finally arriving at the Pharaoh’s tomb and finding the ancient relic, but she faces a tremendously...

Vulnerability: incorrect string handling - strcpy() on raw read() buffer containing null byte -> heap buffer overflow

heap-exploitation tcache-poisoning got-overwrite heap-buffer-overflow hash-table unsorted-bin-attack
December 24, 2025 October 22, 2025 Hard
CTF > Viettel Cyber Security > VCS Passport 2025

pwn

Vulnerability: heap buffer overflow - improper length check in read()

heap-exploitation heap-buffer-overflow tcache-poisoning return-address-overwrite return-oriented-programming
December 22, 2025 December 20, 2025 Medium
CTF > CSCV > CSCV 2025 Jeopardy Final

pwn - Calc

Welcome to Calculator Pro Max - where mathematics meets management!

Vulnerability: double free - dangling pointer

heap-exploitation tcache-poisoning use-after-free double-free return-address-overwrite return-oriented-programming exception cpp
December 22, 2025 November 17, 2025 Insane
CTF > HackTheBox > HTB Cyber Apocalypse CTF 2025: Tales from Eldoria

pwn - Strategist

To move forward, Sir Alaric requests each member of his team to present their most effective planning strategy. The individual...

Vulnerability: incorrect string handling - strlen() overcount -> heap buffer overflow

heap-exploitation heap-buffer-overflow tcache-poisoning hook-overwrite
December 22, 2025 October 30, 2025 Medium
CTF > CSCV > ASCIS Final 2024

pwn - BugBounty

Dear hecker, We are The Inquisition, and we are excited to announce ourupcoming program, "Note" - a program for Space Marines...

Vulnerability: use after free - dangling pointer

heap-exploitation tcache-poisoning got-overwrite use-after-free setcontext32 double-free
December 22, 2025 October 15, 2025 Hard
CTF > PicoCTF > picoCTF 2023

pwn - Horsetrack

I'm starting to write a game about horse racing, would you mind testing it out? Maybe you can find some...

Vulnerability: use after free - dangling pointer

tcache-poisoning heap-exploitation got-overwrite use-after-free
December 22, 2025 October 9, 2025 Hard
CTF > PicoCTF > picoCTF 2024

pwn - high frequency troubles

Vulnerability: house of orange + heap buffer overflow - improper length check in gets()

heap-exploitation heap-buffer-overflow house-of-orange tcache-poisoning setcontext32 thread-local-storage
December 22, 2025 October 8, 2025 Hard