Cousin Wu Ka Lok

Second-year PhD student in the Computer Science Department at Stony Brook University. CTF, Maths enthusiast. A member of the Black Bauhinia (blackb6a) CTF team based in Hong Kong.

A simple-ish demo of a buffer overflow with ret2code, made possible by the wasm port of the Unicorn engine, which is a multi-platform, multi-architecture CPU emulator. I also made use of Keystone.js and Capstone.js, which are wasm ports of Keystone (which is an assembler framework) and Capstone (which is a disassembler framework).

Demo

For this demo, your goal is to reach the function win, located at the address 0x402000.

The C code of the assembly code below would be roughly like so: 
#include "stdio.h"

void win(){
    // You win by calling this function.
}

void main(){
    vuln();
}

void vuln(){
    char arr[0x10];
    gets(arr);
    return;
}

Stack

Registers

Functions

Controls

Input

You can change the value of the input by clicking on the bytes.

Error Log