NguyenDD's Blog - Ctf writeups

Heapwarden - dreamhack.io

Lười viết writeup (vứt lên đây để lưu template fsop) Exploit12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273...

2026-03-19

dreamhack.io

Secret of my heart (400 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file secret_of_my_heartsecret_of_my_heart: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, f...

2025-09-30

pwnable.tw

Re-alloc revenge (350 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file re-alloc_revengere-alloc_revenge: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, Build...

2025-09-24

pwnable.tw

Heap paradise (350 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file heap_paradiseheap_paradise: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Lin...

2025-09-20

pwnable.tw

Bookwriter (350 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file bookwriterbookwriter: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32,...

2025-09-12

House of Orange Attack

0x1. PreparationTo use this attack, you must have libc address and be able to overflow heap, overwrite top chunk’s size. And this attack just works with glibc with version <= 2.25. 0x2. Per...

2025-09-09

Secret garden (350 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file secretgardensecretgarden: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux ...

2025-09-04

pwnable.tw

Babystack (250 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file babystackbabystack: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.3...

2025-09-01

pwnable.tw

Spirited away (300 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file spirited_awayspirited_away: ELF 32-bit LSB executable, Intel i386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.24...

2025-08-29

pwnable.tw

Seethefile (250 pts) - pwnable.tw

0x1. Initial Reconnaissancefile12↪ file seethefileseethefile: ELF 32-bit LSB executable, Intel i386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.32, Buil...

2025-08-29

pwnable.tw