programming
-
This is something I always found voodoo, figuring out how to recognize structures in decompiled binary code. A struct is a data structure in C/C++ that groups variables of different types. I will be using Binary Ninja in this demonstration. I chose libz.1.3.1.dylib and also had access to the source code via…
-
Execute is a pwn challenge that requires us to write shellcode that bypasses the filter check. When we decompile the execute binary, we can see that there is a check function which will compare user input to an array of bad bytes. bad bytes:;Tbinsh\xf6\xd2\xc0_\xc9flag\x00 The bad bytes represent key parts of shellcode execution, specifically…
-
I recently started learning binary exploitation (pwn), and this challenge introduced me to several key concepts. I found it particularly interesting, so I wrote this blog post to explore the details more deeply and solidify my understanding. Opening up the binary in Binary Ninja, we go through the code to find the…
-
There is no excerpt because this is a protected post.
-
Privilege escalation on Windows through a card printer software CVE-2024-34329
Back in May, I was playing around with a card printer software I had previously installed on my laptop for a security workshop my company had organized to demonstrate how easy it is to clone another company’s employee badge. On Windows, it is possible to…
