[CTF] Google CTF 2025 - webz : Exploiting zlib's Huffman Code Table

2025. 8. 26. 14:20CTF write up

 

1. Overview
2. Background
	2-1. google-zlib-Increase-Huffman-Table-Size.patch
	2-2. Deflate Algorithm
		2-2-1. LZ77
		2-2-2. Huffman Coding
3. Code Analysis
	3-1. Inflate
	3-2. Huffman Table
	3-3. Decode
4. Vulnerability
	4-1. Unintialized Huffman Code Table
	4-2. Exploiting inflate_fast
    	4-2-1. Integer Overflow (Unexploitable)
    	4-2-2. PoC
        4-2-3. Stream Overflow (Exploitable)
    	4-2-4. PoC
5. Exploit

 

- English

https://velog.io/@0range1337/CTF-Google-CTF-2025-webz-Exploiting-zlibs-Huffman-Code-Table-English

 

[CTF] Google CTF 2025 - webz : Exploiting zlib's Huffman Code Table [English]

webz is a zlib exploitation challenge from Google CTF 2025. The Google-zlib implementation provided in the challenge is not upstream; it’s a version w

velog.io

 

- 한국어

https://velog.io/@0range1337/CTF-Google-CTF-2025-webz-Exploiting-zlibs-Huffman-Code-Table

 

[CTF] Google CTF 2025 - webz : Exploiting zlib's Huffman Code Table [한국어]

1. Overview webz는 Google CTF 2025에서 출제된 zlib 익스플로잇 문제입니다. 문제에서 주어지는 Google-zlib 구현은 원본이 아니고 임의의 패치가 적용된 버전입니다. 일반적인 오픈소스 익스플로잇 챌린지

velog.io

 

저작자표시 (새창열림)

'CTF write up' 카테고리의 다른 글

[CTF] corCTF 2025 - zenerational-aura : Powerful kernel exploitation primitive via panic_on_oops  (0) 2025.09.14
[CTF] SanDiego CTF 2024 - Def1nit3lysAfetoDol1st5iNc31hAveF0rb1dUnsafec0de : 1-day Rust pwn  (0) 2024.05.17
[CTF] DEF CON CTF Qualifier 2024 - dotcom : Exploitinig Crash Handler  (0) 2024.05.08
[CTF Write Up] DICE CTF 2024 qual - boogie-woogie : 1-byte swap primitive to ROP  (1) 2024.02.05
[CTF Write Up] ASIS CTF Final 2023 - isWebP.js : Exploiting QuickJS by Webp Vulnerability  (1) 2024.01.06

관련글

댓글 0

티스토리툴바