Blog Posts
Try solving these challenges on your own, and use this guide only when needed. If you want more challenges, you can search in (pwn-hub) basic attacks.
2024
v8 - ArrayShift Race Condition
·2123 words·10 mins
Browser
V8
Arrayshift
Turbofan
In this post, we’ll explore how to exploit a race condition in the V8 JavaScript engine between the TurboFan thread and the main thread that executes the ArrayShift builtin function.
CVE-2024-0517 Quick Blog
·1337 words·7 mins
Browser
V8
Maglev
This post explores a vulnerability found in the Maglev optimizing compiler of V8, specifically within a function responsible for optimizing classes that inherit from a parent class.
expm1-35C3 - Bug/ Optimizations Analysis
·1734 words·9 mins
Math.expm1
Typer
OOB
In this post, we’ll dive deep into a fascinating bug in the V8 JavaScript engine that arises from the mishandling of the Math.expm1(-0) function during the optimization process.
2020
Executable and Linkable Format - Sections and Segments
·656 words·4 mins
Sections
Segments
ELF
ELF (Executable and Linkable Format) files are programs or binaries that are used on Linux systems. ELFs contain 3 components, namely:
Global Offset Table and Procedure Linkage Table
·503 words·3 mins
Short-Blog
Pwn
GOT
How do programs know where the libc functions are in libc? How is this implemented internally? We will take a short look at the GOT and PLT in this one.
Dynamic and Static Linking
·688 words·4 mins
Short-Blog
Dynamic and Static Linking
We will take a quick look at the different types of linking of libraries to the ELF on x86 (Linux).
SQL Injection [web]
·714 words·4 mins
Sql
Injection
Fun
What is a Database: A database can be thought of as a collection of data in an organised manner.
2019
My First CTF [life]
·669 words·4 mins
Experience
Life
There was more to learn than to compete in the competition. Spoiler alert, this is my first CTF finals, hope that justifies all the drama. Before jumping to my story…