ALLES! CTF 2020 – Actual ASLR 1/2

The ALLES! CTF (ctftime.org) took place from 04/09/2020, 16:00 UTC to 06/09/2020, 19:00 UTC with a variety of interesting, creative challenges.

Within this article I want to share my writeup on the two challenges Actual ASLR 1 and 2, which were authored by LiveOverflow. What I especially liked about the challenge(s) is that you could make progression step by step even getting a first flag on the way to a full shell, which grants access to the second flag.

The article is divided into the following sections:

Actual ASLR 1
    – Binary
    – Random Algorithm
    – Reimplementation In Python
    – First Flag

Actual ASLR 2
    – Custom Heap
    – Vulnerability
    – Heap Leak
    – Image Base Leak
    – Overwriting Function Pointer
    – Final Exploit


Continue reading “ALLES! CTF 2020 – Actual ASLR 1/2”