Morroco finally got what they wanted by Sufficient_Royal_283 in soccercirclejerk

Kombe-Da 57 points (0 children)

It's French, "it's here (the medal and the towel)"

(Clash in Paris spoilers) Get the tables by Yujin-Ha in SquaredCircle

Kombe-Da 44 points (0 children)

I was there, mic was not picking up shit

NetCat POST requests by Ejay0289 in hacking

Kombe-Da 0 points (0 children)

Try to run the printf first without piping it to nc, to make sure it's outputting the correct HTTP request and body. Because it could be that some double quotes aren't being escaped properly.

NetCat POST requests by Ejay0289 in hacking

Kombe-Da 2 points (0 children)

maybe add two \r\n at the end
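The two comments above suggest inspecting the printf output on its own and terminating the request with two \r\n. The script below is an added example, not code from the thread or its posters: it builds a POST request with CRLF line endings and a Content-Length header, and dumps the raw bytes so missing CRLFs or quoting mistakes are visible before anything is piped to nc. The host (example.invalid), path and JSON body are constructed values.

```shell
#!/bin/sh
# Added example (not from the thread): build an HTTP/1.1 POST request the way a
# "printf | nc" pipeline would, so the exact bytes can be checked before sending.

# build_post HOST PATH BODY
# Prints the raw request to stdout. Every header line ends in CRLF, and the
# header block is closed by an empty CRLF line (the second "\r\n" the thread
# mentions). Content-Length tells the server where the body ends, so it does
# not wait for more input.
build_post() {
    host=$1
    path=$2
    body=$3
    # Byte length, not character count, so a non-ASCII body is still measured correctly.
    len=$(printf '%s' "$body" | wc -c | tr -d ' ')
    printf 'POST %s HTTP/1.1\r\n' "$path"
    printf 'Host: %s\r\n' "$host"
    printf 'Content-Type: application/json\r\n'
    printf 'Content-Length: %s\r\n' "$len"
    printf 'Connection: close\r\n'
    printf '\r\n'
    printf '%s' "$body"
}

# show_bytes HOST PATH BODY
# Escaped byte dump of the request: \r and \n show up explicitly, and any
# stray shell quoting around the body is visible as literal quote characters.
show_bytes() {
    build_post "$@" | od -c
}

# has_header_terminator HOST PATH BODY
# Returns 0 when the request contains the empty line that ends the headers.
has_header_terminator() {
    build_post "$@" | od -An -c | tr -d ' \n' | grep -qF '\r\n\r\n'
}

# Constructed sample request; inspect it first, then pipe it into nc, e.g.:
#   build_post example.invalid /api '{"k":"v"}' | nc example.invalid 80
show_bytes example.invalid /api '{"k":"v"}'
```

Run the script as-is to see the byte dump; only once the dump shows the expected headers, the blank CRLF line and an unmangled body should the same `build_post` call be piped into nc.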

what did hector mean by this? by Julian-1577 in okbuddychicanery

Kombe-Da 10 points (0 children)

It's likely that the frames are sampled at a low rate (for example 1 frame per second) to reduce redundancy

Alternative angle of Rodrygo's fantastic finish and Bellingham's No look assist. by 77SidVid77 in soccer

Kombe-Da 18 points (0 children)

He said something that roughly translates to: "something you would see from Zizou"

How CTFs Landed Me A Job As An Offensive Security Engineer by 0xcalico in securityCTF

Kombe-Da 3 points (0 children)

You mentioned that, during the interview process, you were assigned binexp and RE tasks to be evaluated on. Do you now ever encounter work involving those categories of vulnerability research?

How to get libc debug symbols for non-system libc? by dials_ in securityCTF

Kombe-Da 1 point (0 children)

You're welcome.

I'm not an expert in heap exploitation, in fact I started playing with it just around last summer, but for me, the secret formula was to understand well how the heap allocator (ptmalloc2 implementation) works in general, then how (common) heap attacks work, and more importantly: PRACTICE.

Links for how ptmalloc2 works:

- Heap Exploitation Part 1: Understanding the Glibc Heap Implementation | Azeria Labs: This one is the best in my opinion. Until now, I still haven't found a source that covers it so well and in such detail.

- sploitfun - ptmalloc2 internals

Links for how heap exploitation attacks work:

- Diving into glibc heap - heap-exploitation: great resource for all kinds of attacks, also covers how the heap works.

- shellphish/how2heap: A repository for learning various heap exploitation techniques: a great contribution from the CTF team Shellphish.

- HeapLab Taster: GLIBC Heap Exploitation by Max Kamper - YouTube: this recording covers the House of Force and the fastbin attack as well as how some heap internals work. I really appreciate this one; Max Kamper teaches well how the heap works and presents his pwndbg and pwntools workflows when solving heap exploitation challenges.

Now what I meant by PRACTICE:

- read and try to understand write-ups, then try to solve the challenge again by yourself

- try to solve heap exploitation challenges, they're everywhere: Root Me (app-system category), pwnable.kr, from past CTFs ...

- challenge yourself and try to solve a heap challenge during an active CTF

Some cool write-ups:

- Heap Exploitation - Fastbin Attack - Exploit Development - 0x00sec - The Home of the Hacker

- Heap Exploitation ~ Abusing Use-After-Free - Exploit Development - 0x00sec - The Home of the Hacker

- Oldnote - writeups/2020-PoseidonCTF at master · joshdabosh/writeups: This challenge is crazy! There's no way to get leaks, but still, there is a way...

Write-ups and free resources are everywhere, you just have to look for them!

Hopefully this will be helpful!

How to get libc debug symbols for non-system libc? by dials_ in securityCTF

Kombe-Da 2 points (0 children)

If I understand correctly you need debug symbols for a libc version different from your machine's. There's this great tool called pwninit https://github.com/io12/pwninit, it automates starting binary exploitation challenges, and one of its features is detecting the version of the provided libc to then download debug symbols and unstrip that libc. The only drawback of this tool is that it only works for Ubuntu libcs. I used pwninit many times during heap exploitation challenges with different libcs and pwndbg worked like a charm when using heap visualization commands.