Robot

pwn heap x86/x64 FCSC 2023 solved on

star star

Description

The startup FunWithRobots & Co. wants to offer an interactive service that runs on a remote server and simulates a robot with as much realism as possible. Howerver, one day before the launch, the project manager remembers a vague mention of some security requirements…

Since you are the person in charge of security, he needs your validation. According to him, this is just a formality because the code has been reviewed by their best developers and the binary runs with all the usual protections (stack cookies, W^X, ASLR, etc.).

Check whether it is possible to read the file flag.txt on the remote server.

Files

  • docker-compose.yml
  • robot
    17.22 KiB – ef107c2b77ac5c1c4759ae4d4e4c822e8c875d16099d249f420b9401c8643abf
  • robot.c
    4.39 KiB – c863f1dd19edca20fc5da3f07c75db79681c2ab3778facab525bf582c0c173cf

Author

AMI

Challenge Instructions

  1. First, download docker-compose.yml:
    curl https://hackropole.fr/challenges/fcsc2023-pwn-robot/docker-compose.public.yml -o docker-compose.yml
  2. Launch the challenge by executing in the same folder:
    docker compose up
  3. Then, in another console, access the challenge with Netcat:
    nc localhost 4000
⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

DateAuthor Language Tags Vote
2024-05-05
lrstx
🇫🇷