Back to BASIC

Description

After a few hiccups with the FORTH language (see https://hackropole.fr/en/challenges/pwn/fcsc2023-pwn-may-the-forth/), our developper has decided to get back to his roots and use a BASIC interpreter. He assures us that no security vulnerability is exploitable, thanks to compilation flags; however, an anonymous hacker has sent us this enigmatic message: A=(A+0. Can you prove our developer wrong by reading the file named flag.txt?

Files

docker-compose.yml
back-to-basic
1.14 MiB – e103fc56c1ff690a9f14f62e2efb70861bc6c03b8f0a2b2c9000d87a6ca39649
my_basic-master.zip
1.25 MiB – 7a8fec469598065e025d2afed8173c59f2cc822ddf88497770de052d4048fea3
back-to-basic.patch
3.80 KiB – 95fd556eb8a8ea05b53c7183153e2c614dde7a259d50c8f011672e28d7ecc9a5

Author

cde

Challenge Instructions

First, download docker-compose.yml:
curl https://hackropole.fr/challenges/fcsc2025-pwn-back-to-basic/docker-compose.public.yml -o docker-compose.yml
Launch the challenge by executing in the same folder:
docker compose up
Then, in another console, access the challenge with Netcat:
nc localhost 4000

⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

You don't have JavaScript actived. No problem! You can check your flag like this: echo -n 'PUT_THE_FLAG_HERE' | sha256sum # possible output: f7df320226403bac9d3350f9bf8f8e1bd6f18ddc1245ea29d3147e27b4bea130

Writeups

There are no public solutions for this challenge yet, but you can submit yours after getting the flag.