Hi folks ๐Ÿ“ฎ

Welcome to my blog about ctf, security & anything else

How to fix Formula1 or how to make F1 even more exciting sport.

I have one idea on how to fix Formula 1. If we want racing to be more fair, we should have the same cars for every driver. So, the idea is that driversโ€™ points will be counted as they are now, with a certain amount of points awarded for each race and position. However, the constructor championship will not be calculated as the sum of driversโ€™ points in the same team....

June 2, 2023 ยท 2 min ยท Matus Bursa

F5 BIG-IP iControl REST vulnerability CVE-2022-1388

Good afternoon to every security researcher. I would like to share my experience of finding announced vulnerability by internal F5 security team and writing the exploit for CVE-2022-1388. You can read more about this vulnerability on thehackernews or helpnetsecurity. iControl REST is an API for interaction between scripts and F5 device, used to manage and control that device automatically. Based on the details of the mitigation, the problem should be somewhere in the Connection: header....

May 9, 2022 ยท 5 min ยท Matus Bursa


Hello hackers, letโ€™s solve another CTF from category easy. This challenge is about format string vulnerability First of all I look what type of file is it % file racecar racecar: ELF 32-bit LSB pie executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=c5631a370f7704c44312f6692e1da56c25c1863c, not stripped So I started Ghidra and look at functions there There are couple of interesting functions with various name and after little bit of time looking at the functions I found the right one As you can see, there is a part where the file flag....

May 2, 2022 ยท 2 min ยท Matus Bursa


$ PYTHONIOENCODING=utf8 ./ret2win.py [!] Pwntools does not support 32-bit Python. Use a 64-bit release. [+] Starting local process './ret2win32': pid 26910 ret2win by ROP Emporium x86 For my first trick, I will attempt to fit 56 bytes of user input into 32 bytes of stack buffer! What could possibly go wrong? You there, may I have your input please? And don't worry about null bytes, we're using read()! > Thank you!...

January 3, 2021 ยท 1 min ยท Matus Bursa

Reversing ELF

Hi, today I would like to show you how to solve easy RE CTF and how to start with RE, my directory after finish all challenges looks following: $ tree . โ”œโ”€โ”€ crackme_1 โ”‚ย โ”œโ”€โ”€ crackme1 โ”‚ย โ””โ”€โ”€ flag.txt โ”œโ”€โ”€ crackme_2 โ”‚ย โ”œโ”€โ”€ crackme2 โ”‚ย โ””โ”€โ”€ flag.txt โ”œโ”€โ”€ crackme_3 โ”‚ย โ”œโ”€โ”€ crackme3 โ”‚ย โ””โ”€โ”€ flag.txt โ”œโ”€โ”€ crackme_4 โ”‚ย โ”œโ”€โ”€ crackme4 โ”‚ย โ”œโ”€โ”€ flag.txt โ”‚ย โ””โ”€โ”€ gdb_cmd โ”œโ”€โ”€ crackme_5 โ”‚ย โ”œโ”€โ”€ crackme5 โ”‚ย โ”œโ”€โ”€ flag....

December 7, 2020 ยท 7 min ยท Matus Bursa