Book Writer

pwn x86/x64 FCSC 2024 solved on

star star

Description

The startup TypeWriters & Co. realized that its brilliant idea had been stolen by one of its competitors due to a security issue.

Here is the new version, hardened and resistant to all attacks!

Check whether it is still possible to read the file flag.txt located on the remote server.

A simpler variant of this challenge is available here: Book Writer (Easy).

Files

  • docker-compose.yml
  • book-writer
    16.24 KiB – cca9332f8170fe0aa9bd5df272cf6f580b783c54cc37e79eea975744beb0e3f3
  • book-writer.c
    4.37 KiB – 48b398240944052198356356407931abd4b8f4f103b1652e80431ec95d2e1c02
  • ld-2.36.so
    206.02 KiB – 6f2ec03aaa085171705cb11d56995a5aeae06293201463397447076a3fc89f7d
  • libc-2.36.so
    1.83 MiB – 318224fc988f40df2e4f0a02ab7b1679f7e61a58203c707d4ac858d5a6ffefcd

Author

AMI

Challenge Instructions

  1. First, download docker-compose.yml:
    curl https://hackropole.fr/challenges/fcsc2024-pwn-book-writer/docker-compose.public.yml -o docker-compose.yml
  2. Launch the challenge by executing in the same folder:
    docker compose up
  3. Then, in another console, access the challenge with Netcat:
    nc localhost 4000
⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

There are no public solutions for this challenge yet, but you can submit yours after getting the flag.