Overview of the program A python library written in C is given. This library provides a Tree-like data structure and apis for you to handle the structure like creating a Tree, adding a child node to a parent node, finding a node by "name", and so on. I extracted below some important parts of the library's implementation: user-defined Python's Object, add_child_left and find_node. typedef long long int lli; typedef struct { PyObject_HEAD PyObject *object; PyObject *left; PyObject *right; } Tree;
12/23/2021Overview of the challenge The concept of this challenge is to introduce an packer-like technique to pyc object. The given pyc file contains a packed code in the middle of code bytes so python's dis cannot disassemble this program. >>> dis.dis(x) 0 0 EXTENDED_ARG 3 2 JUMP_ABSOLUTE 898 4 ROT_THREE Traceback (most recent call last):
12/23/2021Author: @azatorium08 = @azaika (C++ trick idea + code review) + @moratorium08 (all the other parts) This is a chat service written in C++. This program makes use of named pipes for the communications between client and host. Before connecting to the C++ app, there is mutual exclusion process to make sure that there is only one client and host respectively. 0. Overview of Pwning First, did you find this behavior? $ ./host what's your name? >a connected...
10/3/2021This is a "buggy"-OCaml sandbox escape challenge. The bug is caused in the function is_nonexpansive (c.f. https://github.com/ocaml/ocaml/blob/4.12/typing/typecore.ml#L2070-L2166). This is related to whether a type variable can be generalized. Can you bypass the "type-sandbox" and get shell? Overview of Pwning We can create a "magic" function as follows (the reason is explained below): # let magic x = let l = ref None in l := Some(x); let Some(x) = !l in x;; # magic;; - : 'a -> 'b = <fun>
10/3/2021or
By clicking below, you agree to our terms of service.
New to HackMD? Sign up