Contact me at pcgrosen [at] ucsb [dot] edu
Need a slack invite? Email me or talk to me in class.
This week's challenge: a real CTF challenge from CODEGATE Quals 2018, RedVelvet
This week's challenge: The Maze -- can you find a path through? (Starter code)
Ghidra (Reverse Engineering GUI)
This week's challenge: The Vault
Snake game -- Win as fast as you can!
Reversing low-level languages: somewhat-evil
Introductory reversing challenge (source)
Introductory reversing challenge (trace)
Final day: XSS Attack/Defense
Slides on Flask Jinja injection
An sh-based jail and a find-based jail for today's activity
Base script for today's activity, and an example solution
Slides on format string exploitation
Slides on fastbin use-after-free pivot
Slides on basic fastbin exploitation
Slides on basic buffer overflows
Some notes:
The calculate function may look intimidating, but it is not very long. Persevere and you will solve it.
Be sure to make use of the type annotations that IDA provides due to the debug info in the binary.
When you are finished, shoot me a message on slack. Try to finish by Friday. Good luck!
Last week's shellcoding.zip has been updated to include level 4 (printables only)
Online assembler for prototyping
afternoon_tea note (start here!)
Challenge day! No slides.
nc pwning.int80.net 5559
nc pwning.int80.net 5558
Continuing on with simple_rop from February 9th . . .
Connect to the server with
$ python exploit_starter.py pwning.int80.net 5556
Introduction to Reversing Slides
And a new challenge, BaskinRobins31, from Codegate Quals 2018: BaskinRobins31 Binary
Crypto Challenges (see slack for help)
Smashing the Stack for Fun and Profit
Meltdown example (Check out the libkdump folder)
Project Zero Blogpost (highly technical)