s          ..                                 
    :8    < .z@8"`        ..                       
   .88     !@88E         @L             u.    u.   
  :888ooo  '888E   u    9888i   .dL   x@88k u@88c. 
-*8888888   888E u@8NL  `Y888k:*888. ^"8888""8888" 
  8888      888E`"88*"    888E  888I   8888  888R  
  8888      888E .dN.     888E  888I   8888  888R  
  8888      888E~8888     888E  888I   8888  888R  
 .8888Lu=   888E '888&    888E  888I   8888  888R  
 ^%888*     888E  9888.  x888N><888'  "*88*" 8888" 
   'Y"    '"888*" 4888"   "88"  888     ""   'Y"   
             ""    ""           88F                
                               98"                 
                             ./"                   
                            ~`                     
Musings from a mediocre hacker

Learning to Solve Basic Crackmes with Pwnable.kr

Throughout the journey I will reference multiple sources and people to gain a better understanding of binary exploitation and reverse engineering at large.

To begin my journey I will go through

https://research.checkpoint.com/wp-content/uploads/2020/03/pwnable_writeup.pdf


I attempted http://microcorruption.com/ but with my current knowledge I can’t even begin to understand what’s going on. I would have to continue on the SLAE course and work more with disassemblers to read the assembly instructions and work with their debugger.

On to the pwnable.kr challenges: challenge 0x02, Bof, is a buffer overflow challenge with the source code included to look at.

They initialize key as a variable, initialize a buffer of 32 bits for “overflow me”, and print that statement to the console.

They then ask for input with gets

(which is dangerous and leads to memory errors if used incorrectly: it just reads input without verifying how much data will fit in the buffer)
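
A bounded replacement for the gets call described above, as an added example that is not from the original post or the pwnable.kr source. The function names, return codes and the 8-byte demo buffer are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Return codes (hypothetical names for this example). */
enum { LINE_OK = 0, LINE_TRUNCATED = 1, LINE_EOF = -1 };

/* gets(buf) has no size argument, so it writes past the end of buf until it
 * sees a newline. fgets() stores at most cap-1 bytes and NUL-terminates. */
int read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (in == NULL || buf == NULL || cap == 0)
        return LINE_EOF;
    if (cap > INT_MAX) cap = INT_MAX;  /* fgets takes an int length */
    if (fgets(buf, (int)cap, in) == NULL) {
        buf[0] = '\0';
        return LINE_EOF;               /* no input at all */
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';           /* whole line fit; strip newline */
        return LINE_OK;
    }
    /* No newline stored: drain the rest so it is not read as the next line. */
    int c, dropped = 0;
    while ((c = fgetc(in)) != '\n' && c != EOF)
        dropped = 1;
    return dropped ? LINE_TRUNCATED : LINE_OK;
}

/* Demo helper: feeds a constructed input string through a temporary file. */
int demo_read(const char *input, char *buf, size_t cap)
{
    FILE *f = tmpfile();
    if (f == NULL) return LINE_EOF;
    fputs(input, f);
    rewind(f);
    int rc = read_line_bounded(f, buf, cap);
    fclose(f);
    return rc;
}

int main(void)
{
    char buf[8];                       /* constructed size for the demo */
    int rc = demo_read("AAAAAAAAAAAAAAAAAAAA\n", buf, sizeof buf);
    printf("rc=%d stored=\"%s\"\n", rc, buf);
    return 0;
}
```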

Work in progress, continuing tomorrow