Quantcast
Channel: exploit – Sec Team Blog
Browsing latest articles
Browse All 9 View Live

Image may be NSFW.
Clik here to view.

Insomni’hack finals – smtpwn writeup

This challenge was solved by several teams during the contest, however it seems that most teams didn’t have the intended solution, so here it is The source, binary and exploit for this challenge can be...

View Article


Image may be NSFW.
Clik here to view.

Insomni’hack finals – Jurassic Sparc writeup

This task wasn’t solved during the CTF. People must hate sparc! Find the binary, sources and exploit here! In this task you were provided a sparc server binary and a python client, which was a Tkinter...

View Article


Insomni’hack finals – SH1TTY writeup

This challenge wasn’t solved during the CTF, but StratumAuhuur was pretty close! The source, binary and exploit for this challenge can be found on our github here. Description: “Can you write a kernel...

View Article

Image may be NSFW.
Clik here to view.

Exploiting a misused C++ shared pointer on Windows 10

In this post I describe a detailed solution to my “winworld” challenge from Insomni’hack CTF Teaser 2017. winworld was a x64 windows binary coded in C++11 and with most of Windows 10 built-in...

View Article

Magento – RCE & Local File Read with low privilege admin rights

I regularly search for vulnerabilities on big services that allow it and have a Bug Bounty program. Here is a second paper which covers two vulnerabilities I discovered on Magento, a big ecommerce CMS...

View Article

Browsing latest articles
Browse All 9 View Live