Heap exploitation challenge from Dream 2025

The 2nd of November EPT hosted Equinor CTF 2024 onsite in Oslo. It was a jeopardy ctf with an added Boot2Root/RealWorld category where the goal was to root the challenge-machines, with some of them...

This writeup covers three of the pwn challenges from WackAttack CTF 2024, organized by WackAttack. The CTF lasted for 48 hours, with my team placing 9th in the competition. Dice Game Initial Ana...

My First Overflow Connecting to the remote instance with netcat we are given some of the source code for the challenge. struct file_data { char buf[32]; char path[64]; uint32_t size;...

heaps-of-fun was a heap exploit challenge from Amateurs CTF 2024 which involved exploiting the tcache and a Use-After-Free vulnerability in the program. Challenge files can be found here. Initia...

baby-talk was a pwn challenge from Dice CTF 2024. The challenge involves exploiting the heap with the House of Einherjar attack. Challenge files can be found here. Initial Analysis Before we begin...

Initiell aksess 2.0.1_manipulaite_1 Vi får info om et treningsopplegg for social engineering i INTREPen til oppdraget. Vi kan koble til denne med nc manipulaite 8880. Denne oppgaven består av at ma...

1.1_scoreboard Første grunnleggende oppgave viser oss hvordan vi skal submitte flaggene vi finner. Vi har fått ei FLAGG fil som viser kommandoen vi må bruke. login@corax:~/1_grunnleggende/1_scorebo...

Ribbit Initial Analysis If we run the given binary it asks for some input, and then nothing more happens. loevland@hp-envy:~/ctf/nbctf/ribbit$ ./ribbit Can you give my pet frog some motivation to...

Los-ifier Initial Analysis We are given a binary and Dockerfile. The binary is statically linked, meaning that it contains functions that usually are located in libc (dynamically linked). loevlan...