pwneasy

Куча подарков (Heap of Gifts)

hackerlab

Task: New Year gift selection program with heap-based storage. Solution: Out-of-bounds array read via input 0 causes integer underflow in indexing formula, reading ptr_gifts[-1] which contains the real flag pointer.

$ ls tags/ techniques/

heap out_of_bounds oob_read array_indexing integer_underflow

oob_array_readheap_metadata_read

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Create a free account with GitHub, then upgrade to Pro.

$ssh [email protected]