iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (2)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
Challenge Suggestions
  • Sh3llc0d3
    Posts: 1,910
    Well this is pretty much in the title, if you fancy contributing suggestions towards fresh challenges let us know and we'll try and put them to work. Use the below template when posting, (topic areas are: Basic / Javascript / Cryptography / Reverse Engineering / Forensics)


    [b]Challenge subject area: [/b]
    [Spoiler=Challenge]*Challenge info*[/spoiler]
    [spoiler=Suggested Solution]*Solution*[/spoiler]


    Thanks guys :)
  • L0g0nb3rry
    Posts: 4
    "Dream in Code" did a year long challenge, whereby users had to learn many different languages, challenges are included in some of them, but resources in all of them. I think it's pretty neat, getting through it all would be a hell of a challenge, it can be found here.
  • m0rph
    Posts: 332
    I can whip up a simple program in C vulnerable to buffer overflows. Of course...I'll have to recover from my hangover that I'm about to receive tomorrow. However, I can think of some simple rules.

    1. Must submit PoC via PM to anyone interested in over-seeing the challenge (Rank on the site doesn't matter, as long as you are very familiar with buffer overflows).
    2. Submit links to resources used, as long as the PoC is written in challengers' own words (if that makes sense?).
    3. Document any new things learned in the process.

    Note: It won't be a difficult buffer overflow, it will be very simple. OS used won't be a factor, the code is universal to exploitation on most if not all OS's (that support C), to my knowledge.

    It's a great learning experience, for real, and if need be...I can help review PoC's. I know it's kinda shitty of me to say this, but I doubt a lot of members will be up for the challenge, regardless of it's simplicity. If you're interested Sh3llc0d3, just let me know.
    while( !(succeed = try() ) );
  • Sh3llc0d3
    Posts: 1,910
    Definitely interested m0rph, if you could whip up an example I think that'd be good.
  • m0rph
    Posts: 332
    said:


    Definitely interested m0rph, if you could whip up an example I think that'd be good.


    Update: It's getting alot closer, the only problem I'm having now is having return addresses being called after the buffer is filled. For some reason, it's stopping at the first byte of every return address I give it. For example: if the ret is "\x24\x85\x04\x08" it will stop at \x24 and then it will convert it into ascii. Strange stuff man.
    while( !(succeed = try() ) );
Add a Comment