Description
Between ACLs and LSMs, Unix permissions can no longer be trusted.
Here’s a program that tries to open a file of your choice to overcome this problem.
⚠️ libc must be stored on an ext4 filesystem, next to docker-compose.yml
.
Files
- docker-compose.yml
-
file-checker
16.69 KiB – 53ef14680d0a90ce49223083c3d82727a9cf3660eb2e641835de610adf724d4a -
file-checker-src.tar.xz
845.49 KiB – 23cc8cfcb19bd9fb4c4829cafc035ec3c272cc9391d23561fc0a5c3de1f62a50 -
ld-2.39.so
231.07 KiB – 555beffc7b3d2184dfd26c5446e4cbc89d0cdca63fa954bb38d77e574aa6b199 -
libc-2.39.so
2.03 MiB – e4ed95c6c273277b9b8de5717ea272fef70cbe0e32053d6652e8a311b1f28f8d
Author

Challenge Instructions
- First, download docker-compose.yml:
curl https://hackropole.fr/challenges/fcsc2024-pwn-file-checker/docker-compose.public.yml -o docker-compose.yml
- Launch the challenge by executing in the same folder:
docker compose up
- Then, in another console, access the challenge with Netcat:
nc localhost 4000
In case you encounter problems, please consult the FAQ.
Flag
Submit your solution
You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.
You need to be logged in to submit a writeup.
Writeups
There are no public solutions for this challenge yet, but you can submit yours after getting the flag.