Category Archives: Uncategorized

This weekend, I participated in the curiously named Bugs Bunny CTF (www.bugsbunnyctf.me). Unfortunately, due to very poor record-keeping (and general incompetence in solving some more interesting challenges) on my part, I am only able to present a few limited writeups. … Continue reading →

In this (short) post, we will explore triggering a stack overflow vulnerability in the kernel. This is a classic exploitation case. The Vulnerability: TriggerStackOverflow Similar to the last post, we first inspect the vulnerable function in code. This is a … Continue reading →

In this post, we will dive into an actual example of exploitation, against an arbitrary write-what-where vulnerability. The Vulnerability: TriggerArbitraryOverwrite The vulnerability we are exploiting is within the TriggerArbitraryOverwrite function. In source code, we can see this in the “TriggerArbitraryOverwrite” function, … Continue reading →

Several months ago, I took a short sojourn into the world of Windows Kernel exploitation, based on the work of hacksysteam and their excellent HackSys Extreme Vulnerable Driver (github here). I learned some things, and built a short community presentation … Continue reading →