I had the opportunity to compete in the CSAW CTF Finals 2018 for a second year in a row, with the UMBC Cyber Dawgs. It was a lot of fun, despite our somewhat lackluster finish in 10th place. I learned a lot. For instance, in this challenge, I learned how to exploit a Use-After-Free vulnerability (in WebAssembly no doubt!).
WASM is the future of the web! JS devs will be writting c++, what could go wrong?. This debugger might help kinda shrug emoji Written by itszn, Ret2 Systems http://pwn.chal.csaw.io:1000 HINT: You can get source via /test.wasm.map and /test.cpp
Continue reading “CSAW CTF Finals 2018 – Wic Wac Woe 1 writeup”