I really like Nebula 04, because it is really easy, but still a commonly missed thing in programming. The object of this challenge is to find a vulnerability and exploit this C++ program. #include <stdlib.h> #include <unistd.h> #include <string.h> #include <sys/types.h> …

In this challenge, we can see that there’s no code for us to exploit, it’s something in the system. I log in to the system, and look in the /home/flag03 folder, as all the other challenges have started. I see there’s a writable.sh script, which I was guessing was the script getting …

In this challenge, we’re again provided with the source code to the vulnerable program. Only this time, they’re not loading the “echo” program from the environment’s path. #include <stdlib.h> #include <unistd.h> #include <string.h> #include …

Continuing from my previous post, I started tinkering with the next Nebula wargame: Nebula 01. This one gives you some C code, which has a bug in it. You have to exploit that bug. #include <stdlib.h> #include <stdlib.h> #include <unistd.h> #include <string.h> #include …

Recently, I’ve been getting more and more back into computer security, one of my favorite topics. Part of this is research, and part is more practical, such as wargames or labs. One newer wargame that I’ve been playing is called “Nebula”, from the guys over at …

At work, we use FogBugz for our trouble tickets, and internal tracking. We sometimes have some really long cases, so to make it easier to navigate through them, we wanted to be able to push a button to go to the next action event on the ticket. I started writing a GreaseMonkey userscript, and with …