Kpwn techniques: modprobe_path
modprobe_path is a global variable that is RW in most kernels. This variable contains a path to an executable, do you see where this is going..?
msg_msg is a really powerful and elastic kernel struct that can be abused to obtain strong primitives, such as arbitrary read/write/free.
Ret2dlresolve is a really powerful technique to use in pwn challenges (even though it’s not frequently seen). It’s useful when we don’t have libc leaks or don’t know the libc version.
DestructiveFarm is a popular tool used in CTFs: it runs exploits every tick to retrieve flags and automatically submits them to the checker.
Tulip is a traffic analyzer tool made for A/D CTFs. This post walks you through all the important steps required to deploy Tulip painlessly (hopefully).