Exploiting a Vulnerable Linked List Implementation - "Links 1" Pwn Challenge [ImaginaryCTF]

"Links 1" (Pwn) challenge from ImaginaryCTF (iCTF) 23/06/22 - "I love linked lists, but I can never remember the exact syntax how to implement them in C. Can you check over this implementation and make sure I didn't screw anything up?". In this challenge we'll use Ghidra, GDB-PwnDbg and PwnTools to exploit a vulnerable custom LinkedList implementation by overwriting an entry link to point to the flag. Hope you enjoy 🙂 #CTF #iCTF #ImaginaryCTF #Pwn #BinaryExploitation

Write-ups: https://github.com/Crypto-Cat/CTF/tree/main/ctf_events/ictf/pwn/links

↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23

↢ImaginaryCTF↣
https://imaginaryctf.org
https://twitter.com/imaginaryctf
https://discord.gg/9r8AJQkfs3

↢Video-Specific Resources↣
https://www.geeksforgeeks.org/data-structures/linked-list
https://www.youtube.com/watch?v=_jQhALI4ujg

↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
Volatility: https://github.com/volatilityfoundation/volatility/wiki/Linux
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
DCode: https://www.dcode.fr/en
HackTricks: https://book.hacktricks.xyz/pentesting-methodology
CTF Tools: https://github.com/apsdehal/awesome-ctf
Forensics: https://cugu.github.io/awesome-forensics
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run

↢Chapters↣
Start: 0:00
Basic file checks: 0:56
Explore program functionality: 1:28
Linked Lists: 4:44
Review code (ghidra): 8:21
Attack plan: 15:49
First approach (fail): 17:46
Second approach (win): 21:00
Recap: 23:30
End: 25:43