heap
AceBear Security Contest House-of-loop
· ☕ 7 min read
House-of-loop Hi everyone, this is the writeup for the challenge House-of-loop in the AceBear Security Contest 2019 You may want to checkout the exploit code Description We are given a stripped ELF x64 binary which can be interacted with, our task is to get remote code execution(RCE).

RITSEC18 Yet another HR Management Framework
· ☕ 2 min read
By judging the program’s interface, we know that it was a heap challenge. Spent quite a lot of time reversing it, I figured it out that it malloc a few bytes for the person struct on the heap, then the name will be malloc with the size entered and that address will be put in the person struct.