Skip to content

hacking

Introduction to Stack

  • by

In this series I am going to introduce the concept of a stack, explain what it does, how it works and why it’s so important and what can be done when it’s not protected correctly. I’m going to be explaining how the stack works on Linux based systems on x86-64 CPUs but it’s in most parts similar on Windows and other OSes as well as other processor architectures. In order to fully understand topics covered you need to know how to do linux command line stuff (basics). You also need to have some experience with C programming. A bit of… Read More »Introduction to Stack

Writeup – FBCTF 2019 – Web – Product Manager

  • by

For this challenge we had a website that had three functions:– showing top 5 products– displaying details of one product (requires name and secret)– adding a new product Apart from that we had access to the source code. From the quick overview everything seemed perfect, not vulnerable to SQL injection (bind_param used), secret hashed, protection against adding a new product when one with the same name already exists etc. Here are some parts of the source code: You can’t show the product if you don’t have a secret and you can’t overwrite it if it already exists. Also on the… Read More »Writeup – FBCTF 2019 – Web – Product Manager