HSCTF 2021 | PWN Use After Freedom TL;DR Vulnerability: use after free Exploit steps: Leak glibc address by freeing a chunk into unsorted bins Perform partial unlink (unsorted bin attack) to overwrite global_max_fast Free a 0x3940 sized chunk to overwrite __free_hook with the address of 0x3940 sized chunk Use write after free to change the fd of 0x3940 sized chunk with system Allocate a 0x3940 sized chunk so _free_hook becomes system Call free(/bin/sh) Exploit #!

addslashes sanitization bypass through the abuse of vsprintf functionality

As usual we start with a nmap scan to find open ports and services on the server. ┌──(codacker㉿kali)-[~/Workspace/HTB/boxes/Worker] └─$ sudo nmap -sC -sV -oA nmap/tcp-initial -vv 10.10.10.203 ... PORT STATE SERVICE REASON VERSION 80/tcp open http syn-ack ttl 127 Microsoft IIS httpd 10.

An explainable artificial intelligence (XAI) agent is an autonomous agent that uses a fundamental XAI model at its core to perceive its environment and suggests actions to be performed. One of the significant challenges for these XAI agents is performing their operation efficiently, which is governed by the underlying inference and optimization system. Along similar lines, an Explainable Fuzzy AI Challenge (XFC 2022) competition was launched, whose principal objective was to develop a fully autonomous and optimized XAI algorithm that could play the Python arcade game “Asteroid Smasher”. This research first investigates inference models to implement an efficient (XAI) agent using rule-based fuzzy systems. We also discuss the proposed approach (which won the competition) to attain efficiency in the XAI algorithm. We have explored the potential of the widely used Mamdani- and TSK-based fuzzy inference systems and investigated which model might have a more optimized implementation. Even though the TSK-based model outperforms Mamdani in several applications, no empirical evidence suggests this will also be applicable in implementing an XAI agent. The experimentations are then performed to find a better-performing inference system in a fast-paced environment. The thorough analysis recommends more robust and efficient TSK-based XAI agents than Mamdani-based fuzzy inference systems.

In this article I went through the technique of sig-return oriented programming which can be used to exploit buffer overflow attacks when we don’t have many ROP gadgets inside the binary, this technique exploits how Linux kernel handles the sig return syscall.

In this article we went through a lot of different techniques that can be used to obfuscate a binary so that an attacker cannot easily reverse engineer the binary to find out what it does. Some of the techniques included were encrypting the binary with a key and decrypting it on the runtime and using partial differential in order to confuse the reverse engineering tools like ida pro so that it will seem corrupt when opened inside ida pro but meanwhile it will run correctly when we run it.