Kutyavin Maxim pwnhacker0x18

The name of the affected Product: LuaJIT
The affected or fixed version(s): through 2.1
The CVE ID for the entry: CVE-2024-25178
Description: LuaJIT through 2.1 has a stack-buffer-overflow in the stack-overflow handler in lj_state.c.
Vulnerability Type: stack-buffer-overflow
Impact: DoS

The name of the affected Product: LuaJIT
The affected or fixed version(s): through 2.1
The CVE ID for the entry: CVE-2024-25177
Description: LuaJIT through 2.1 has an unsinking of IR_FSTORE for a NULL metatable, which leads to Denial of Service (DoS).
Vulnerability Type: DoS
Impact: DoS

The name of the affected Product: LuaJIT
The affected or fixed version(s): through 2.1
The CVE ID for the entry: CVE-2024-25176
Description: This vulnerability can be exploited to leak data or cause a DoS via a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.
Vulnerability Type: stack-buffer-overflow
Impact: Memory leak or DoS
pwnhacker0x18 / fixedaslr.md
Last active July 17, 2022 21:20
Google CTF 2022 (pwn) - fixedaslr

FIXEDASLR

Description: I wasn't happy with the default ASLR, so I fixed it. The flag is in a file called "flag" both in / and cwd.

Attachment

The archive contains object files and one executable binary file.

Reversing

loader


pwnhacker0x18 / madcore.md
Last active July 18, 2022 15:39
Google CTF 2022 (pwn) - madcore

MADCORE

Description: My coredump helper is crashing while handling a crash : (

Attachment

Reversing

After loading the binary in IDA Pro and decompiling the main function, we see this:

int __cdecl main(int argc, const char **argv, const char **envp)
{