Patchinko

Description

Come and test the new version of the Patchinko game! Winning chances are close to zero, so we help players. Prove that it is possible to exploit the system to read the flag file.

Note: the service allows to patch the given binary before running it.

Files

docker-compose.yml
patchinko.bin
8.70 KiB – b09fe0d4228fa0a1ff58cee680f5d57cb6f2aa54e65f7c2c43d7c86e61b4ba1f

Author

Cryptanalyse

Challenge Instructions

First, download docker-compose.yml:
curl https://hackropole.fr/challenges/fcsc2020-pwn-patchinko/docker-compose.public.yml -o docker-compose.yml
Launch the challenge by executing in the same folder:
docker compose up
Then, in another console, access the challenge with Netcat:
nc localhost 4000

⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

You don't have JavaScript actived. No problem! You can check your flag like this: echo -n 'PUT_THE_FLAG_HERE' | sha256sum # possible output: d2e6e00eb43a92ac0b9f1da73c49dcf5206257e0abc76da333d299be88b2a667

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

Date	Author	Language	Tags	Vote
2023-11-06	voydstack	🇫🇷	TeamFrance
2023-11-17	bluesheet	🇫🇷	TeamFrance