Book Writer (Easy)

Description

The startup TypeWriters & Co. had a brilliant idea: they want to offer an online word processing service that will revolutionize the world of publishing!

But on the eve of the inauguration, the project manager recalls a vague mention of security requirements…

As you are the person in charge of security, he needs your validation. According to him, this is just a formality because the code has been reviewed by their best developers, and the binary runs with all the classic protections (stack cookies, W^X, ASLR, etc.).

Check whether one can read the file flag.txt located on the remote server.

A more complex variant of this challenge is available here: Book Writer.

Files

docker-compose.yml
book-writer-easy
16.31 KiB – c5938901f261e9b915d4e76b3a64e07d37784a3a3b080c4e5158e5c4bc1a5904
book-writer-easy.c
4.44 KiB – 701da0ebaf1bf44f0d627bfeb94ee6c3e5328e07a9a24af98960080257dc6b83

Author

AMI

Challenge Instructions

First, download docker-compose.yml:
curl https://hackropole.fr/challenges/fcsc2024-pwn-book-writer-easy/docker-compose.public.yml -o docker-compose.yml
Launch the challenge by executing in the same folder:
docker compose up
Then, in another console, access the challenge with Netcat:
nc localhost 4000

⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

You don't have JavaScript actived. No problem! You can check your flag like this: echo -n 'PUT_THE_FLAG_HERE' | sha256sum # possible output: 6467d4387c8e80fc272e99de85edf2cfd73f02ac07c7b5b7298f848f047d645f

Writeups

There are no public solutions for this challenge yet, but you can submit yours after getting the flag.