Hacking TMNF: Part 2 - Exploiting a blind format string

Following up on the previous post, we will triage a crash to find the cause of a blind format string bug. We’ll take this bug from annoying crash all the way to RCE with a few neat tricks.

October 5, 2022 · 15 min

Hacking TMNF: Part 1 - Fuzzing the game server

The first of a two-part series. This part will cover how I set up a grammar fuzzer with LibAFL and Nautilus in order to fuzz the game server for Trackmania Nations Forever.

October 5, 2022 · 17 min