ROP Emporium Challenge 7 - Ret2csu (64 bits)
Description: Call the ret2win() function, the caveat this time is that the third argument (which you know by now is stored in the rdx register on x86_64 Linux) must be 0xdeadcafebabebeef
ROP Emporium Challenge 6 - Pivot (32 bits)
Description: There’s only enough space for a three-link chain on the stack but you’ve been given space to stash a much larger ROP chain elsewhere. Learn how to pivot the stack onto a new location.
ROP Emporium Challenge 6 - Pivot (64 bits)
Description: There’s only enough space for a three-link chain on the stack but you’ve been given space to stash a much larger ROP chain elsewhere. Learn how to pivot the stack onto a new location.
ROP Emporium Challenge 5 - Fluff (32 bits)
Description: The concept here is identical to the write4 challenge. The only difference is we may struggle to find gadgets that will get the job done.
ROP Emporium Challenge 5 - Fluff (64 bits)
Description: The concept here is identical to the write4 challenge. The only difference is we may struggle to find gadgets that will get the job done.
ROP Emporium Challenge 4 - Badchars (64 bits)
Description: An arbitrary write challenge with a twist; certain input characters get mangled before finding their way onto the stack
ROP Emporium Challenge 4 - Badchars (32 bits)
Description: An arbitrary write challenge with a twist; certain input characters get mangled before finding their way onto the stack