Skip to content

Instantly share code, notes, and snippets.



View GitHub Profile
lordidiot / sysnote.c
Created Sep 19, 2021
Asian Cyber Security Challenge 2021 Exploits
View sysnote.c
#include <stdio.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/syscall.h>
#define ADD 548
lordidiot / 11B,
Last active Mar 17, 2021
View 11B,

11B, Please [Misc]: Author Writeup


This challenge was based on a behaviour I learnt from reading Attacking Network Protocols (James Forshaw). The bug has to do with some integer trickery and I thought it was pretty neat. Fun fact, I crafted the challenge idea while on security trooper duty (screw NS T.T), hence the security trooper theme of the challenge.


The writeup is a bit lengthy, here's the quick solution run through. Bribe -2147483648 (INT_MIN) which won't be turned positive by positive, causing money_left to be negative and giving us the flag.

Code Analysis

lordidiot /
Last active May 23, 2021
GEF extension to handle tagged and compressed pointers in v8 better (WIP)
To use the extension, place the file somewhere and add
`source /path/to/extension`
in your ~/.gdbinit file
Use just as you would with `dereference` (
but s/deref/veref/g
Many missing features because I quickly whipped this up to solve a challenge.
1) Doesn't check for v8 version (Older versions don't use compressed pointers)