Hacker News

stackghost, today at 6:54 AM (3 replies)

These come up in CTFs all the time. One trick I don't see here is that you can use `dd` to write into the `/proc` hierarchy to achieve all sorts of fuckery, including patching shellcode into a running process.
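The mechanism the comment above relies on is that writes to `/proc/<pid>/mem` go through the kernel's forced-access path, so they land even in pages the process has mapped read-only; `dd if=patch.bin of=/proc/$PID/mem bs=1 seek=$ADDR conv=notrunc` is just a convenient front end for that `pwrite`. The following C program is an added example (not code from the commenter) that shows the same thing from inside one process: it looks up the permissions of the mapping holding a `.rodata` constant in `/proc/self/maps` (which is also where you get the `seek` address for `dd`), then overwrites the constant through `/proc/self/mem`. It assumes Linux with `/proc` mounted, and it targets its own process so no ptrace-scope policy gets in the way; patching another PID needs the same access that `ptrace` attach would.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Lives in .rodata, so its page is mapped without write permission:
 * a plain store through a pointer to it would SIGSEGV. */
static const int guarded_value = 41;

/* Exposed so callers (and tests) can ask where the target lives. */
uintptr_t guarded_value_address(void)
{
    return (uintptr_t)&guarded_value;
}

/* Find the permission string ("r--p", "r-xp", ...) of the mapping that
 * contains addr by scanning /proc/self/maps. The same scan of
 * /proc/$PID/maps is how you pick the seek offset for dd.
 * Returns 0 and fills perms (4 chars + NUL) on success, -1 otherwise. */
int mapping_perms(uintptr_t addr, char perms[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f)
        return -1;
    char line[512];
    int found = -1;
    while (fgets(line, sizeof line, f)) {
        unsigned long lo, hi;
        char p[5];
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, p) != 3)
            continue;
        if (addr >= lo && addr < hi) {
            memcpy(perms, p, 5);
            found = 0;
            break;
        }
    }
    fclose(f);
    return found;
}

/* Write len bytes at virtual address addr of this process through
 * /proc/self/mem. The kernel applies the write regardless of the
 * mapping's protection bits (it forces a private copy of the page),
 * which is exactly what
 *   dd if=patch.bin of=/proc/$PID/mem bs=1 seek=$ADDR conv=notrunc
 * depends on. Returns 0 on success, -1 on failure. */
static int proc_mem_write(uintptr_t addr, const void *buf, size_t len)
{
    int fd = open("/proc/self/mem", O_RDWR);
    if (fd < 0)
        return -1;
    ssize_t n = pwrite(fd, buf, len, (off_t)addr);
    close(fd);
    return (n == (ssize_t)len) ? 0 : -1;
}

/* Patch guarded_value to new_value and return what it reads back
 * afterwards. The read goes through a volatile pointer so the compiler
 * cannot constant-fold the original 41. Returns -1 if the write failed. */
int patch_rodata_int(int new_value)
{
    if (proc_mem_write(guarded_value_address(), &new_value, sizeof new_value) != 0)
        return -1;
    return *(volatile const int *)&guarded_value;
}

int main(void)
{
    char perms[5] = "????";
    mapping_perms(guarded_value_address(), perms);
    printf("before: value=%d mapping=%s\n",
           *(volatile const int *)&guarded_value, perms);
    int after = patch_rodata_int(42);
    printf("after : value=%d (%s)\n", after,
           after == 42 ? "patched through /proc/self/mem" : "patch failed");
    return after == 42 ? 0 : 1;
}
```

Swapping the `int` for a few bytes of machine code at a function's address is the "patch shellcode into a running process" case; the write path is identical, only the target address and payload change. Kernels built with the newer `proc_mem` force restrictions, or containers that mask `/proc/<pid>/mem`, will make the `open` or `pwrite` fail, which is why the function reports failure instead of assuming the patch landed.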


Replies

mpeg, today at 7:54 AM

You learn the most random ways to abuse program features. One I still remember, because of how long it took to figure out, was an HTB box that (after a long exploitation path) used NTFS ADS to hide the flag within an alternate stream of a decoy file; and of course the normal way to extract the stream was disabled, so I had to do some black magic with other binaries to get it.

saagarjha, today at 7:05 AM

I don't think I've used any of these in a CTF tbh

dominicq, today at 7:18 AM

Huh? How does that work exactly? I've heard of /proc fuckery before but didn't know you could disable ASLR with it.
