Agile was a super fun machine that included a very cool chrome remote debugger attaching path to see the user’s browser. The machines starts off with a simple LFI vulnerability that can be leverage...

SecNotes is a Windows machine. A user registers and logs in by sending us a link through our contact form on port 80, which changes his password, granting us access to all of his notes. His notes c...

I did not solve many challenges from Pwnable.kr but here are the writeups for the three challenges I actually ended up solving, they are very easy challenges that require a little bit of reversing ...

Writeups for the challenges I solved or was working on with my teamates. Cookieee - Reversing This stupid cookie clicker game… Legend has it there is a reward when you reach 10000000 or more c...

I will try to do the last medium one when I understand a bit more about Heap pwn. The challenges tackled in this post are: Shell Time Favourite colour Shell Time We have the following chal...

I did it! After a year of learning and working hard towards the certification coming from no IT work experience background. Admittedly I failed my first attempt with being just short and getting on...

Exploitation Strings2win Surely devs don’t hard-code secrets these days. Right? Filedrop: exploit-0.7z The filedrop contains a binary named encryptor which when ran gives the following outpu...

OpenKeyS is an OpenBSD machine that is vulnerable to the the OpenBSD authentication vulnerabilites which allow an attacker to bypass authentication and escalate privileges. We first bypass the auth...

Unbalanced was a hard rated machine on HackTheBox which involved retrieving files from rsync and decrypting the contents after which we use the squid proxy to access an internal network with multip...

This post has 3 writeups for the 3 easy pwn challenges on CTFLearn. Simple BOF Code Exploitation RIP my BOF GDB Exploit Lazy Game Challenge...