In order to run the challenge POCs without any problem, I prepared docker containers for various Ubuntu releases. The instructions for using the containers can be found here.
| CTF | Challenge | Info | Exploitation | Links |
|---|---|---|---|---|
| UTCTF 2019 | babyecho | x86_32 NX Partial RELRO ASLR |
GOT format string libc database |
CTFtime Writeups Archives |
| BSidesSF 2019 | slowfire | x86_64 Partial RELRO ASLR |
GOT PLT shellcode socket stack overflow syscall |
CTFtime Writeups Archives |
| TAMUctf 2019 | pwn3 | x86_32 Full RELRO PIE ASLR |
shellcode stack overflow syscall |
CTFtime Writeups Archives |
| TAMUctf 2019 | pwn5 | x86_32 NX Partial RELRO ASLR |
ret2libc stack overflow |
CTFtime Writeups Archives |
| ASIS 2018 Finals | asvdb | x86_64 NX Canary Full RELRO ASLR |
__free_hook double free heap one gadget smallbin tcache dup tcache poisoning tcache unsorted bin use after free |
CTFtime Writeups Archives |
| ASIS 2018 Finals | inception | x86_64 NX Partial RELRO ASLR |
GOT ROP fork one gadget pipe return-to-csu stack overflow |
CTFtime Writeups Archives |
| SECCON 2018 Quals | profile | x86_64 NX Canary Partial RELRO ASLR |
C++ GOT arbitrary read buffer overflow one gadget string |
CTFtime Writeups Archives |
| SECCON 2018 Quals | classic | x86_64 NX Partial RELRO ASLR |
GOT ROP one gadget stack overflow stack pivoting |
CTFtime Writeups Archives |
| BSidesDelhi 2018 | data_bank | x86_64 NX Canary Full RELRO PIE ASLR |
__malloc_hook heap one gadget tcache poisoning tcache use after free |
CTFtime Writeups Archives |
| HITCON 2018 | children_tcache | x86_64 NX Canary Full RELRO PIE ASLR |
__malloc_hook double free heap off-by-one overlapping chunks poison-null-byte tcache dup tcache poisoning tcache |
CTFtime Writeups Archives |
| Hack.lu 2018 | babyphp | Web PHP |
assert code injection unintended behaviors unsanitized input |
CTFtime Writeups Archives |
| InCTF 2018 | warmup | arm arm32 armhf Partial RELRO ASLR |
shellcode stack overflow syscall |
CTFtime Writeups Archives |
| InCTF 2018 | yawn | x86_64 NX Canary Full RELRO ASLR |
GOT __malloc_hook fastbin dup heap off-by-one one gadget |
CTFtime Writeups Archives |
| InCTF 2018 | securepad | x86_64 NX Canary Full RELRO PIE ASLR |
__free_hook arbitrary free fastbin dup heap uninitialized var unsorted bin |
CTFtime Writeups Archives |
| CSAW 2018 Quals | alien_invasion | x86_64 NX Canary Partial RELRO PIE ASLR |
GOT heap off-by-one overlapping chunks poison-null-byte |
CTFtime Writeups Archives |
| CSAW 2018 Quals | bigboy | x86_64 NX Canary Partial RELRO ASLR |
stack overflow |
CTFtime Writeups Archives |
| CSAW 2018 Quals | get_it | x86_64 NX Partial RELRO ASLR |
stack overflow |
CTFtime Writeups Archives |
| CSAW 2018 Quals | shell_code | x86_64 Full RELRO PIE ASLR |
shellcode stack overflow |
CTFtime Writeups Archives |
| WhiteHat 2018 Quals | pwn02 | x86_64 NX Canary Full RELRO FORTIFY ASLR |
glibc tcache heap off-by-one overlapping chunks poison-null-byte |
CTFtime Writeups Archives |
| MeePwn 2018 Quals | babysandbox | x86_32 NX Partial RELRO PIE ASLR |
openat readv shellcode socket syscall writev |
CTFtime Writeups Archives |
| 0CTF 2018 Finals | freenote2018 | x86_64 NX Canary Full RELRO PIE ASLR |
__malloc_hook double free fastbin dup heap metadata heap overlapping chunks |
CTFtime Writeups Archives |
| RCTF 2018 | rnote3 | x86_64 NX Canary Full RELRO PIE ASLR |
__free_hook fastbin heap one gadget overlapping chunks uninitialized var |
CTFtime Writeups Archives |
| RCTF 2018 | babyheap | x86_64 NX Canary Full RELRO PIE ASLR |
PREV_IN_USE bit __malloc_hook heap off-by-one poison-null-byte |
CTFtime Writeups Archives |
| RCTF 2018 | stringer | x86_64 NX Canary Full RELRO PIE ASLR |
IS_MMAPED __malloc_hook calloc double free fastbin dup heap off-by-one |
CTFtime Writeups Archives |
| PlaidCTF 2018 | shop | x86_64 NX Canary Partial RELRO ASLR |
GOT buffer overflow heap one gadget |
CTFtime Writeups Archives |
| ASIS 2018 Quals | cat | x86_64 NX Canary Partial RELRO ASLR |
GOT fastbin heap |
CTFtime Writeups Archives |
| ASIS 2018 Quals | fifty_dollars | x86_64 NX Canary Full RELRO PIE ASLR |
double free fastbin heap use after free |
CTFtime Writeups Archives |
| ASIS 2018 Quals | just_sort | x86_64 NX Canary Partial RELRO ASLR |
GOT heap overflow one gadget |
CTFtime Writeups Archives |
| ASIS 2018 Quals | message_me | x86_64 NX Canary Partial RELRO ASLR |
__malloc_hook double free fastbins heap overlapping chunks use after free |
CTFtime Writeups Archives |
| StarCTF 2018 | babystack | x86_64 NX Canary Full RELRO ASLR |
GOT pthread stack overflow stack_guard thread local storage |
CTFtime Writeups Archives |
| StarCTF 2018 | note | x86_64 NX Full RELRO ASLR |
GOT LSB ROP off-by-one saved rbp stack overflow |
CTFtime Writeups Archives |
| StarCTF 2018 | warmup | x86_64 NX Full RELRO ASLR |
GOT one gadget stack overflow |
CTFtime Writeups Archives |
| WPICTF 2018 | forker.level1 | x86_64 Partial RELRO ASLR |
GOT ROP return-to-csu shellcode stack overflow |
CTFtime Writeups Archives |
| WPICTF 2018 | forker.level2 | x86_64 NX Canary Partial RELRO ASLR |
fork socket stack canary stack cookie stack overflow |
CTFtime Writeups Archives |
| UIUCTF 2018 | how2heap | x86_64 NX Canary Full RELRO PIE ASLR |
heap one gadget |
CTFtime Writeups Archives |
| 0CTF 2018 Quals | babyheap | x86_64 NX Canary Full RELRO PIE ASLR |
__malloc_hook double free fastbin dup heap off-by-one one gadget top chunk |
CTFtime Writeups Archives |
| 0CTF 2018 Quals | babystack | x86_32 NX Partial RELRO ASLR |
Elf_Rel Elf_Sym GOT PLT ROP dynstr dynsym rel_plt stack overflow |
CTFtime Writeups Archives |
| iCTF 2018 | fantasticiot | x86_32 NX Canary ASLR |
attack & defense binary patching strncmp |
CTFtime Writeups Archives |
| TAMUctf 2018 | pwn5 | x86_32 NX Partial RELRO ASLR |
ROP stack overflow syscall |
CTFtime Writeups Archives |
| NullconHackIM 2018 | pwn2-box | x86_64 Partial RELRO ASLR |
ROP one gadget shellcode syscall |
CTFtime Writeups Archives |
| Codegate 2018 Quals | baskin_robins31 | x86_64 NX Partial RELRO ASLR |
GOT ROP one gadget stack overflow stack pivot |
CTFtime Writeups Archives |
| Codegate 2018 Quals | super_marimo | x86_64 NX Canary Partial RELRO ASLR |
GOT fastbin heap one gadget |
CTFtime Writeups Archives |
| 0CTF 2017 Quals | babyheap | x86_64 NX Canary Full RELRO PIE ASLR |
IS_MMAPED __malloc_hook calloc fastbin attack fastbin heap overflow one gadget smallbin |
CTFtime Writeups Archives |
| C3CTF 2017 | simplegc | x86_64 NX Canary Partial RELRO ASLR |
GOT fastbin glibc tcache heap use after free |
CTFtime Writeups Archives |
| SECCON 2017 Quals | election | x86_64 NX Canary Full RELRO ASLR |
GOT __malloc_hook fastbin null byte overflow null byte poisoning off-by-one one gadget |
CTFtime Writeups Archives |
| SECCON 2017 Quals | secure_keymanager | x86_64 NX Canary Partial RELRO ASLR |
GOT PLT double free fastbin format string heap |
CTFtime Writeups Archives |
| SECCON 2017 Quals | video_player | x86_64 NX Canary Partial RELRO ASLR |
GOT __malloc_hook fastbin heap one gadget overlapping chunks use after free virtual calls vtable |
CTFtime Writeups Archives |
| CSAW 2017 Quals | scv | x86_64 NX Canary Partial RELRO ASLR |
ROP buffer over-read buffer overflow information disclosure one gadget stack overflow |
CTFtime Writeups Archives |