My writeups for CTF pwn :
- pwnable.kr https://github.com/thinkycx/pwnable.kr
- pwnable.tw https://github.com/thinkycx/pwnable.tw
- this repo
20181218 HITCON-Training/lab14/magicheap - unsorted bin attack - overflow unsorted bin chunk's bk to &target_value-0x10
20181217 HITCON-Training/lab11/bamboobo - house of force - change top chunk's size and malloc anywhere
20181207 SECCON2016/tinypad/exp-aslr-success.py - house-of-einherjar - inuse smallbin chunk extend
20181206 SECCON2016/tinypad/exp-noaslr-success.py
20181204 HITCON-Training/lab13/heapcreator - inuse fastbin chunk extend
20181203 HITCON2014/stkof/stkof - new method : fatbin attack - fd @ &malloctimes-8
20181130 BCTF2018/easiest - basic fastbin attack and hijack GOT
20181130 HITCON2014/stkof/stkof - basic unlink attack in glibc-2.23 & DynELF
20181116 XDCTF2015/bof/bof - ret2resolve i386
20181102-RCTF2018/RNote4/RNote4 - heap overflow, overwrite .dynamic strtab
20170902-20170824HITB/1000levels/1000levels
20170810-study-fastbin
20170809-wooyundrops-rop/x86/lv1-lv4 rop
20170803-tsctf2016/pwn fsb unlink
20170728-xdctf2016-final/test UAF IntegerOverflow
20170722-429ichunqiu/smallest SROP