PWN
Quintin edited this page Sep 10, 2022 · 7 revisions

Pwning is the art of exploiting an already running system. Usually we already have the binary and, if we are lucky, the source code.

- Overflow0 on our CTFd server (beginner friendly)
- Ret0 on our CTFd server (beginner friendly)
- buffer overflow 0 on picoCTF: https://play.picoctf.org/practice/challenge/257
- Others on our CTFd

- Open the binary in a static reversing tool, such as Ghidra or IDA, to get baseline information. Identify the assembly type (x86, ARM, etc.), what language it is written in, which libraries are linked, strings, etc.
- Run the binary inside a VM to observe its behavior. Use tools such as GDB to analyze it dynamically.
- Identify major functions and parts that may have weaknesses or oversights.
- Craft an attack plan and use tools such as pwntools to automate an exploit script.
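
The baseline triage from the first step above, as an added example (not part of the original wiki page): a minimal Python ELF header reader that reports architecture, word size, endianness and printable strings, and flags libc calls that do no bounds checking. The sample bytes are constructed, and the `UNBOUNDED` list and the function names `triage` and `make_sample` are assumptions of this example.

```python
import re
import struct

# e_machine and e_type values from the ELF specification (subset).
MACHINES = {3: "x86", 40: "ARM", 62: "x86-64", 183: "AArch64"}
TYPES = {1: "relocatable", 2: "executable", 3: "shared object / PIE"}
# Assumption: a short list of libc calls with no bounds checking, worth a closer look.
UNBOUNDED = {"gets", "strcpy", "strcat", "sprintf"}


def triage(data: bytes) -> dict:
    """Return baseline facts about an ELF image held in memory."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("corrupt ELF identification bytes")
    endian = "<" if ei_data == 1 else ">"
    # e_type and e_machine sit right after the 16-byte e_ident array.
    e_type, e_machine = struct.unpack_from(endian + "HH", data, 16)
    # Printable ASCII runs of 4+ bytes, the same default as strings(1).
    strings = [m.group().decode() for m in re.finditer(rb"[\x20-\x7e]{4,}", data)]
    return {
        "bits": 32 if ei_class == 1 else 64,
        "endian": "little" if ei_data == 1 else "big",
        "type": TYPES.get(e_type, hex(e_type)),
        "machine": MACHINES.get(e_machine, hex(e_machine)),
        "strings": strings,
        "unbounded_calls": sorted(UNBOUNDED.intersection(strings)),
    }


def make_sample() -> bytes:
    """Constructed sample: a 64-bit little-endian x86-64 ELF header plus string data."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    header = ident + struct.pack("<HHI", 2, 62, 1) + bytes(40)  # pad to 64 bytes
    return header + b"\x00gets\x00puts\x00libc.so.6\x00Enter input:\x00"


if __name__ == "__main__":
    for key, value in triage(make_sample()).items():
        print(f"{key}: {value}")
```

On a real challenge binary, pass the file's bytes to `triage` and compare the result with what Ghidra or IDA reports before moving on to dynamic analysis.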