Buffer Overflow (ret2win) with 5 char* Arguments - "Vader" Pwn Challenge [Space Heroes CTF 2022]

Video walkthrough for a Pwn challenge, "Vader" from the Space Heroes (CTF) competition 2022. In this challenge we use a buffer overflow to return to a "win" function, but first we must prepare 5 parameters (char*). We'll use checksec, ghidra, GDB-PwnDbg, ropper and put together a PwnTools script. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #SpaceHeroes #SpaceHeroesCTF #CTF #Pentesting #OffSec

Write-up: https://book.cryptocat.me/ctf-writeup...

↢Space Heroes CTF↣
https://ctftime.org/event/1567
https://spaceheroes.ctfd.io/challenges
  / discord  

👷‍♂️Resources🛠
https://cryptocat.me/resources

↢Chapters↣
Start: 0:00
Basic file checks: 0:18
Disassemble with ghidra: 1:37
Find POP gadgets with ropper: 3:43
Find RIP offset with GDB-PwnDbg: 4:35
PwnTools script: 5:25
Debug exploit with GDB: 8:27
Test remotely: 11:12
End: 12:00