Heap Exploit (ret2win) - "Hellbound" Pwn Challenge [HackTheBox Cyber Apocalypse CTF 2022]

Video walkthrough for Hellbound, a Binary Exploitation (Pwn) challenge from @HackTheBox Cyber Apocalypse 2022: Intergalactic Chase CTF. In this challenge we'll use a basic heap exploit to ret2win and compile a PwnTools script to automate the exploitation process. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTB #CyberApocalypse22 #CyberApocalypse #CTF #Pentesting #OffSec #Pwn #BinaryExploitation

↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat/CTF
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23

↢HTB CyberApocalypse 2022↣
https://ctftime.org/event/1639
https://ctf.hackthebox.com/ctf/371
https://www.hackthebox.com/events/cyber-apocalypse-2022
https://discord.gg/hackthebox
https://twitter.com/hackthebox_eu

↢More HTB CyberApocalypse Write-ups↣
https://roderickchan.github.io/2022/05/19/Cyber-Apocalypse-CTF-2022-all-pwn-wp
https://github.com/Hilb3r7/CyberApocalypse2022
https://gore-ez-knee.github.io/posts/htb-ca-2022-writeup-table/

↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
Volatility: https://github.com/volatilityfoundation/volatility/wiki/Linux
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
DCode: https://www.dcode.fr/en
HackTricks: https://book.hacktricks.xyz/pentesting-methodology
CTF Tools: https://github.com/apsdehal/awesome-ctf
Forensics: https://cugu.github.io/awesome-forensics
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run

↢Chapters↣
Start: 0:00
Basic File Checks: 1:09
Binary Protections (checksec): 1:55
Explore Functionality: 3:05
Disassemble/Decompile with ghidra: 4:03
PwnTools script: 11:12
End: 16:43