Binary Exploitation
V1T CTF · 2025
Feather Maker
32-bit ret2dlresolve — Partial RELRO, NX on, no libc leak, only read@plt. Force the linker to resolve system("/bin/sh").
#32-bit #ret2dlresolve #rop #pwntools
medium wakecall
Two-stage SROP without libc. pop rax; ret + syscall are enough. First frame does read + stack pivot, second frame executes execve("/bin/sh").
#srop #sigreturn #rop #pwntools
medium