Description
After a few hiccups with the FORTH language, as well as the BASIC language, our developer has decided to get back to the roots of the multimedia Internet with the help of a JavaScript interpreter, SpiderMoney 1.3.
He assures us that no security vulnerability is exploitable, thanks to compilation flags; furthermore, he guarantees the code is safe from the Y2K bug.
However, an anonymous hacker has sent us an enigmatic file, test.js, which seems to trigger a read of uninitialized memory. Can you prove our developer wrong by reading the contents of the flag variable?
Note: The program is compiled by clang-17 (under Debian 13 i386), but is executed under Debian 13 amd64 (with libc6:i386 installed).
Files
- docker-compose.yml
- JSRef.zip (373.12 KiB) – e3d04ba7f65efa088ce64fc72b47962fe77dea6a9442a14b94f1b90f65972b58
- spidersaurus (1.30 MiB) – 3c727012d440325908374ed9136dfe010164d2713b61141b029b365c7a142724
- spidersaurus.patch (9.35 KiB) – 21f809774fcc8adda68be3090939f47a9c2a5c2b89b835579659a7d09770458f
Author
Challenge Instructions
- First, download docker-compose.yml:
    curl https://hackropole.fr/challenges/fcsc2026-pwn-spidersaurus/docker-compose.public.yml -o docker-compose.yml
- Launch the challenge by executing in the same folder:
    docker compose up
- Then, in another console, access the challenge with Netcat:
    nc localhost 4000
In case you encounter problems, please consult the FAQ.
Writeups
There are no public solutions for this challenge yet, but you can submit yours after getting the flag.