A list of some of the exploits I’ve written lately (that are allowed to be published). Mainly for myself to reference again if I need it :)
Recent
- LACTF Rickroll Format String Exploit https://gist.github.com/xct/0be84416307b66168f050cb9da64c5c4
- IdekCTF 2023 Typop (ROP, CSU) https://gist.github.com/xct/5c4be3073ba76fea3a52d03a84cf0350
- Real World CTF 2023 NonHeavyFTP (Race Condition) https://gist.github.com/xct/f17488f42d48014a5dcc060714dbec1a
- ShaktiCTF 2022 PhrackCrack (Heap – House of Force) https://gist.github.com/xct/88db526da32d492f3818d15942bbb39b
- ShaktiCTF 2022 Ropworks (ROP) https://gist.github.com/xct/a2547024ea0922398450c71a44692955
- GlacierCTF 2022 (Heap – Fastbin Dup) https://gist.github.com/xct/87ee193e28f66813a9e309cf29a4bc3c
- SquareCTF 2022 (Yara / Valgrind) https://gist.github.com/xct/9b60d9255afe400dd0ce7bb774e613ec
- Ekoparty 2022 (Windows, ROP) https://gist.github.com/xct/c4569bd15ad85ea1b5917325b203e15b
- MTS HW Driver EOP (Windows, Kernel) https://gist.github.com/xct/7d192b448793fc6decb4b59c5382bd61
…
Windows Kernel Practice
- Null Pointer Dereference Win7 x64 HEVD
- Pool Overflow Win7 x64 HEVD
- Stack Overflow Win10, GS, Version 2, Version 3 x64 HEVD
- Type Confusion Win10, Version 2 x64 HEVD
- Use-after-free Win10 x64 HEVD
- Arbitrary Read/Write Win10, Low Integrity, x64 Gigabyte Driver
- Arbitrary Write Win10 x64 HEVD
Browser Practice
Chrome
- StarCTF OOB custom patched Chromium, out-of-bounds access, renderer RCE
Firefox
- Midenios custom patched Firefox, out-of-bounds access, renderer RCE