A large archive of writeups for the CTF competition's Binary Exploitation category with the purpose of educating other CTF competitors about hacking techniques.

All of these writeups are written by me :D (Shuban Pal)

CTF is one of my favorite passtime activities. I also like to document many of my solutions for CTF problems in the form of writeups.

CTFs I have played in:

PicoCTF 2022 (First CTF)
HSCTF 9
Imaginary CTF 2022
PicoCTF 2023
HSCTF 10
Imaginary CTF 2023
PicoCTF 2024
UTCTF 2024 
SwampCTF 2024 
PlaidCTF 2024
Cyber@CIT CTF 2024
CPCTF 2024 Individuals 

However, I may also include writeups from old or other CTFs I have not competed in

I am not a competitive player, I play CTF rather casually with friends as a sort of computer science puzzle. I mainly do Binary Exploitation (also called Pwn) in CTF competitions and have experience in using tools such as:

• 🐍Python
• 🥷Pwntools
• 🦗 GNU Debugger (GDB)
• 🐧Linux
• 🐉Ghidra or Binary Ninja

I am not a security professional, I am just a high schooler learning and improving my Pwn and Binary Exploitation skills. As I improve, I will make sure to go back and improve the quality of any of the content stored here and I will also expand this collection to fit more complex problems.

✅ Check marks mean that the writeup is posted and ready. If no check mark is present, the writeup is still being worked on

1. sky's the limit
2. CPCT

• Heap problems
  1. Heap 0 (50 pts)
  2. Heap 1 (100 pts)
  3. Heap 2 (200 pts)
  4. Heap 3 (200 pts)
• Format String problems
  1. Format String 0 (50 pts)
  2. Format String 1 (100 pts)

• Privelege Escalation problems
  1. VNE (200 pts) ✅
  2. hijacking (200 pts)
  3. toctou (200 pts)
• two-sum (100 pts) ✅
• babygame01 (100 pts)

• Buffer Overflow problems
  1. Buffer Overflow 0 (100 pts)
  2. Buffer Overflow 1 (200 pts)
  3. Buffer Overflow 2 (300 pts)
  4. Buffer Overflow 3 (300 pts)
• RPS (200 pts)
• basic-file-exploit (100 pts)
• x-sixty-what (200 pts)
• flag leak (300 pts)
• ropfu (300 pts)

• clutter-overflow (150 pts)