Overview of the program A python library written in C is given. This library provides a Tree-like data structure and apis for you to handle the structure like creating a Tree, adding a child node to a parent node, finding a node by "name", and so on. I extracted below some important parts of the library's implementation: user-defined Python's Object, add_child_left and find_node. typedef long long int lli; typedef struct { PyObject_HEAD PyObject *object; PyObject *left; PyObject *right; } Tree;
12/23/2021This is a simple heap challenge. char *ptr = NULL; void create() { unsigned size; printf("size: "); scanf("%u", &size); ptr = malloc(size); printf("data: ");
10/3/2021Author: @azatorium08 = @azaika (C++ trick idea + code review) + @moratorium08 (all the other parts) This is a chat service written in C++. This program makes use of named pipes for the communications between client and host. Before connecting to the C++ app, there is mutual exclusion process to make sure that there is only one client and host respectively. 0. Overview of Pwning First, did you find this behavior? $ ./host what's your name? >a connected...
10/3/2021This is a "buggy"-OCaml sandbox escape challenge. The bug is caused in the function is_nonexpansive (c.f. https://github.com/ocaml/ocaml/blob/4.12/typing/typecore.ml#L2070-L2166). This is related to whether a type variable can be generalized. Can you bypass the "type-sandbox" and get shell? Overview of Pwning We can create a "magic" function as follows (the reason is explained below): # let magic x = let l = ref None in l := Some(x); let Some(x) = !l in x;; # magic;; - : 'a -> 'b = <fun>
10/3/2021