Tag: pwnable

  • Writeup: pwnable.kr “unlink”

    Pretty easy task from pwnable.kr, but it took me waaay too long. Here we’ve got three structures allocated on the heap, doubly linked in a ptmalloc fashion, where a chunk’s header contains a pointer to the previous chunk and to the next one. There is also an obvious overflow which presumably would allow us to…