Skip to content

Instantly share code, notes, and snippets.

View shravya-bhaskara's full-sized avatar

shravya-bhaskara

4 followers · 9 following
View GitHub Profile
@shravya-bhaskara
shravya-bhaskara / game_of_thrones.md
Last active December 13, 2022 18:05

game_of_thrones

Author: d1g174l_f0rtr355

Solves: 10

Difficulty: Medium

Preliminary Analysis:

@shravya-bhaskara
shravya-bhaskara / bad_grades.md
Last active June 10, 2022 13:37

bad_grades

This is one of the hack the box challenges that I was solving the other day, and have noticed that such concepts appear quite frequently in many ctf's. I would like to take you through the entire challenge and hopefully you will be able to understand the underlying concept!

First off, as usual we do a preliminary check on the binary given to us!

Preliminary Checks:

Canary                        : ✓ 
NX : ✓
@shravya-bhaskara
shravya-bhaskara / void.md
Last active January 8, 2023 06:46

void - 272

This was one of the good challenges that I tried during the CTF. It was based on a technique called SROP (Sigreturn Oriented Programming).

The purpose of this challenge was to defeat ASLR and so the binary as such consisted of only two functions - main and _start both written in simple assembly making use of syscalls.

I'll take you through challenge and how I solved it!

Preliminary checks:

@shravya-bhaskara
shravya-bhaskara / viserions_call.md
Created January 31, 2022 11:57

viserions_call

Challenge Points: 400

Challenge Author: d1g174l_f0r7r355

A hard challenge I made for InCTF Nationals Finals round. The protections given on the binary were full, and there was no possibility for leaks. It is based on the concept of making use of a vsyscall to jump to backdoor. Before I proceed, I would just like to state that this challenge does not require any sort of brute approach.

Preliminary Analysis:

@shravya-bhaskara
shravya-bhaskara / bufferUp.md
Created January 24, 2022 10:23
inctfj 2021 - finals - bufferUp

bufferUp

Challenge Points: 200

Challenge Author: d1g174l_f0r7r355

This challenge was ret2win (with arguments) + dynamic rop. Some may have used tools like angr and z3 for a few of the win() functions in order to guess the arguments, however in my writeup, I have used neither.

Preliminary Analysis:

@shravya-bhaskara
shravya-bhaskara / theBet.md
Created January 24, 2022 10:21
inctfj 2021 - finals - theBet

theBet

Challenge Points: 200

No of Solves:

Challenge Author: d1g174l_f0r7r355

This challenge was a shellcode based challenge, with a few bad characters in check.

@shravya-bhaskara
shravya-bhaskara / leaky_pipes.md
Created January 24, 2022 10:18

leaky_pipes

Challenge Points: 400

No of Solves: 4

Challenge Author: d1g174l_f0r7r355

This was one of the hard challenges I made for inctfj qualifiers. It is based on format strings. I will try to explain all the concepts required and used in this challenge.

@shravya-bhaskara
shravya-bhaskara / badRace.md
Last active January 24, 2022 10:18
inctfj 2021 - qualifiers - badRace

badRace

Challenge Points: 200

No of Solves: 6

Challenge Author: d1g174l_f0r7r355

This was one of the medium challenges I made for inctfj qualifiers. It is based on ret2shellcode.

@shravya-bhaskara
shravya-bhaskara / pack_alpha.md
Created January 24, 2022 10:06
inctf 2021 - qualifiers - pack_alpha

pack_alpha

Challenge Points: 488

No of Solves: 17

Challenge Author: d1g174l_f0r7r355

Challenge file: chall