Ethical hacker | OSCE(3) CRTM CRTL GXPN GRTP GCIH
This is a WiFi Pentesting guide I wrote some time ago after years carrying out WiFi pentests (and a BSc thesis about this topic). I received many questions from colleagues so I decided to share most of my knowledge and prepared VMs for some specific attacks.
particles.js is a lightweight JavaScript library for creating particles.
Description: Call the ret2win() function, the caveat this time is that the third argument (which you know by now is stored in the rdx register on x86_64 Linux) must be 0xdeadcafebabebeef
Description: There’s only enough space for a three-link chain on the stack but you’ve been given space to stash a much larger ROP chain elsewhere. Learn how to pivot the stack onto a new location.
Description: There’s only enough space for a three-link chain on the stack but you’ve been given space to stash a much larger ROP chain elsewhere. Learn how to pivot the stack onto a new location.
Description: The concept here is identical to the write4 challenge. The only difference is we may struggle to find gadgets that will get the job done.
Description: The concept here is identical to the write4 challenge. The only difference is we may struggle to find gadgets that will get the job done.