Recent posts

Pwnable.kr - lotto

The game asks for 6 bytes and compares them with 6 random bytes in the range [1-45], if the number of matches is 6 we...

1 minute read

Pwnable.kr - blackjack

In this challenge we have a simple blackjack game source code and we have to find a bug in it that will make us milli...

1 minute read

Pwnable.kr - coin1

In this challenge we are not given any binary or source code, it's just a netcat connection: $ nc pwnable.kr 9007...

3 minute read

Pwnable.kr - shellshock

The challenge represents the very well known vulnerability `CVE-2014-6271` also known as `shellshock`. I won't go int...

less than 1 minute read

Pwnable.kr - mistake

This challenge requires some observation. first it opens `/home/mistake/password` then it reads from it (supposedly) ...

1 minute read

Pwnable.kr - leg

This is a simple arm challenge. It compares the input key with the sum of 3 functions, we are also given the assembly...

2 minute read

Pwnable.kr - input

The challenges tests your ability to feed input to different sources. Stage 1 (command line args): argc (num of argum...

3 minute read

Deep Analysis of RogueRobin Trojan (DarkHydrus APT)

The first stage of this malware is an excel document with a `macro`, it asks to click `Enable Content` to run the mac...

8 minute read