netsec

pwn kernel x86/x64 heap FCSC 2026 solved on

star star star

Description

You are tasked with carrying out a red team exercise on a major company. After many days spent infiltrating your target’s network, you are very close to achieving your objective. You only need to access the company’s central server to succeed, but unfortunately it appears to be invulnerable.

Your only lead to compromise this machine is a mysterious service listening on port 1337. Fortunately, during your intrusion you previously discovered the file netsec.tar.xz, which seems to be a backup from this server.

To access the challenge, connect via SSH inside the company’s network:ssh -p 4000 ctf@localhost.

Once connected, the target server is reachable at address 192.168.2.2 on port 1337: nc 192.168.2.2 1337.

Files

Author

Quanthor_ic

Challenge Instructions

  1. First, download docker-compose.yml:
    curl https://hackropole.fr/challenges/fcsc2026-pwn-netsec/docker-compose.public.yml -o docker-compose.yml
  2. Launch the challenge by executing in the same folder:
    docker compose up
  3. Then, in another console, access the challenge with Netcat:
    nc localhost 4000
⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

DateAuthor Language Tags
2026-05-12
mouthon_
🇬🇧