https://hackropole.fr/en/shellcode/ Recent content in shellcode on Hackropole Hugo en Fri, 18 Apr 2025 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-bigorneau/ Mon, 28 Apr 2025 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-bigorneau/ <p>We often try to obtain shellcodes with strange constraints, either in size, alphanumeric, etc. Here, we&rsquo;re attempting a new weird constraint for an x64 shellcode: you are only allowed to use 6 different byte values (i.e., <code>len(set(shellcode)) &lt;= 6</code>)!</p> https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-long-prime-shellcode/ Mon, 28 Apr 2025 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-long-prime-shellcode/ <p>After <a href="https://hackropole.fr/en/challenges/pwn/fcsc2021-pwn-encrypted-shellcode/"><code>Encrypted Shellcode</code></a> and <a href="https://hackropole.fr/en/challenges/pwn/fcsc2024-pwn-hashed-shellcode/"><code>Hashed Shellcode</code></a>, why not play with a large prime number? :-)</p> <p>This challenge exists in a more difficult version: <a href="https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-small-primes-shellcode/"><code>Small Prime Shellcode</code></a></p> https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-small-primes-shellcode/ Mon, 28 Apr 2025 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-small-primes-shellcode/ <p>The <a href="https://hackropole.fr/en/challenges/pwn/fcsc2025-pwn-long-prime-shellcode/">version</a> with just one large prime number was too easy, right? Here&rsquo;s another one with more constraints :-)</p> https://hackropole.fr/en/challenges/pwn/fcsc2024-pwn-hashed-shellcode/ Mon, 15 Apr 2024 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2024-pwn-hashed-shellcode/ <p>Did you enjoy the <a href="https://hackropole.fr/en/challenges/pwn/fcsc2021-pwn-encrypted-shellcode/"><code>Encrypted Shellcode</code></a> challenge from FCSC 2021? Guess what? Here is a variant using a hash function!</p> <p><strong>Note :</strong> the Docker image base on the remote service is <code>debian:bookworm-slim</code>.</p> https://hackropole.fr/en/challenges/pwn/fcsc2023-pwn-keskidi/ Mon, 25 Dec 2023 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2023-pwn-keskidi/ <p><em>Pwn this!</em></p> <p><strong>Warning :</strong> the remote connection closes after 60 seconds.</p> https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-palindrome/ Fri, 01 Dec 2023 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-palindrome/ <p>Here is a shellcoding exercice as you like it! [At least I hope you do :-)]</p> <p>A more complex variant of this challenge is available here: <a href="https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-palindrome-harder/">Palindrome (Harder)</a>.</p> https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-palindrome-harder/ Fri, 01 Dec 2023 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-palindrome-harder/ <p>Here is a shellcoding exercice as you like it! [At least I hope you do :-)]</p> <p>A simpler variant of this challenge is available here: <a href="https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-palindrome/">Palindrome</a>.</p> https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-shellcode/ Fri, 15 Dec 2023 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2022-pwn-shellcode/ <p>Do you know what a <em>shellcode</em> is?</p> https://hackropole.fr/en/challenges/pwn/fcsc2021-pwn-asmophile/ Fri, 22 Dec 2023 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2021-pwn-asmophile/ <p>How well do you known x64 assembly?</p> https://hackropole.fr/en/challenges/pwn/fcsc2021-pwn-encrypted-shellcode/ Tue, 19 Dec 2023 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2021-pwn-encrypted-shellcode/ <p>During an autit, you found these files and those commands:</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-sh" data-lang="sh"><span class="line"><span class="cl">$ dd <span class="k">if</span><span class="o">=</span>/dev/urandom <span class="nv">of</span><span class="o">=</span>key.bin <span class="nv">bs</span><span class="o">=</span><span class="m">16</span> <span class="nv">count</span><span class="o">=</span><span class="m">1</span> </span></span><span class="line"><span class="cl">$ ./esc -e &lt; stereogram.png &gt; stereogram.png.enc </span></span><span class="line"><span class="cl">$ ./esc &lt; stereogram.png </span></span><span class="line"><span class="cl"><span class="o">[</span>&gt;<span class="o">]</span> Done encrypting <span class="m">1280731</span> bytes. </span></span><span class="line"><span class="cl"><span class="o">[</span>2<span class="o">]</span> <span class="m">11735</span> segmentation fault ./esc &lt; stereogram.png </span></span></code></pre></div><p>It seems that this crash has been exploited: can you figure out how and read <code>flag.txt</code>?</p> <p>You don&rsquo;t have <code>key.bin</code>, but the service provided gives access to <code>esc</code> (without arguments) using the same <code>key.bin</code> file as the one generated by the above command.</p> https://hackropole.fr/en/challenges/pwn/fcsc2020-pwn-risky-business/ Tue, 19 Dec 2023 00:00:00 +0000 https://hackropole.fr/en/challenges/pwn/fcsc2020-pwn-risky-business/ <p>The challenge is not very risky: simply read the content of <code>flag.txt</code>.</p>