Home » Tags

Buffer-Overflow

Secure Admin Panel — Stack Canary Leak + ret2win

Leak the stack canary via a controlled print function, then overflow to overwrite the return address without triggering the canary check.

February 28, 2026 · 3 min · giordii

Split — ret2win with ROP pop rdi Gadget

Classic x86-64 ret2win: overflow the return address, use a pop rdi gadget to pass the /bin/cat flag.txt string as argument, jump to system.

January 1, 2025 · 3 min · giordii

Doge Ransom — IBAN Buffer Overflow with Control Byte Injection

The IBAN input field copies 28 bytes into a buffer with room for 49. Appending the control byte 0x03 after the valid IBAN data overflows into an adjacent flag variable and unlocks the ransomware payment path.

January 1, 2024 · 2 min · giordii

Guess The Number — Stack Overflow + Integer Overflow

Overflow the name buffer to corrupt the internal number variable, then feed back the overflowed value as a decimal integer to satisfy the equality check.

January 1, 2024 · 2 min · giordii

More Private Club — Simple ret2win Buffer Overflow

Overflow a stack buffer to overwrite the return address with a known win function address, then trigger it.

January 1, 2024 · 1 min · giordii