tag

Format-String

4 posts

pwnlocked

TicTacToed

2026-06-06

pwn

2024-12-12

Questionnaire: use the format-string bug for a leak or write, then redirect execution to the flag path.

pwn

2024-12-11

RaceCar: use the format-string bug for a leak or write, then redirect execution to the flag path.

pwn

2024-06-28

DearQA: shape the heap state, gain the needed write or leak, and pivot to flag access.