People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
A pointer is created, but only when execution goes down certain paths, and its value is still used later on. So it is possible to send a request that goes around the switch statement's creation of the pointer. From here, the out-of-bounds write can be turned into an RCE.
The other two vulns exist because no bounds check is done while writing data.
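The two bug shapes described above (a pointer assigned only in some `switch` cases, and a write with no bounds check), next to a hardened handler. This is an added example, not code from the linked articles; `struct request`, `struct session`, `BUF_LEN` and both function names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define BUF_LEN 16

/* Hypothetical request layout, constructed for this example. */
struct request {
    int type;                     /* 1 = name, 2 = tag, anything else unknown */
    size_t len;                   /* length field taken from the request */
    const unsigned char *data;
};

struct session {
    unsigned char name[BUF_LEN];
    unsigned char tag[BUF_LEN];
};

/* Flawed shape: dst is assigned only in some cases but used on every path,
 * and len is never compared with the destination size. */
int handle_vulnerable(struct session *s, const struct request *r)
{
    unsigned char *dst;           /* indeterminate unless a case matches */
    switch (r->type) {
    case 1: dst = s->name; break;
    case 2: dst = s->tag;  break;
    }
    memcpy(dst, r->data, r->len); /* unknown type: write through stale dst */
    return 0;
}

/* Hardened shape: every path defines dst, unknown types are rejected,
 * and the length is checked before the write. */
int handle_hardened(struct session *s, const struct request *r)
{
    unsigned char *dst = NULL;
    switch (r->type) {
    case 1: dst = s->name; break;
    case 2: dst = s->tag;  break;
    default: return -1;           /* no path leaves dst undefined */
    }
    if (r->data == NULL || r->len > BUF_LEN)
        return -2;                /* len == BUF_LEN still fits exactly */
    memcpy(dst, r->data, r->len);
    return 0;
}
```

Building with `-Wall -Wextra` makes GCC and Clang flag the first function's `dst` as possibly uninitialized, which is a cheap way to catch this pattern in review.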
Additional article with a subtle vuln: an off-by-one. This is not the most exploitable thing, but it could be the entry point into deeper memory corruption bugs.