35C3 Junior CTF pwnables
Clone or download
Latest commit d9b88fa Dec 30, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
1996 Initial commit Dec 30, 2018
arraymaster1 Initial commit Dec 30, 2018
arraymaster2 Initial commit Dec 30, 2018
poet Initial commit Dec 30, 2018
stringmaster1 Initial commit Dec 30, 2018
stringmaster2 Initial commit Dec 30, 2018
sum Initial commit Dec 30, 2018
README.md Initial commit Dec 30, 2018

README.md

35C3 Junior CTF pwnables

Source code and exploits for the 35C3 Junior CTF pwnables.

To recreate the CTF environment with docker enter the challenge directory and run:

./docker_build.sh
./docker_run.sh

For each challenge the files in the respective subdirectory distrib were given.

Note: For some exploits offsets to libc symbols are used. These can change when the libc used in the docker container is updated. Use the following command to retrieve the libc currently used in the docker environment:

docker cp -L <challenge_name>:/lib/x86_64-linux-gnu/libc.so.6 .

poet

We are looking for the poet of the year:

nc localhost 22223

Difficulty estimate: very easy

1996

It's 1996 all over again!

nc localhost 22227

Difficulty estimate: very easy

stringmaster1

Eat, sleep, swap, replace

nc localhost 22224

Difficulty estimate: easy

stringmaster2

Eat, sleep, swap, replace

This time with more mitigations!

nc localhost 22225

Difficulty estimate: medium

sum

Sum it up!

nc localhost 22226

Difficulty estimate: easy

arraymaster1

Would you mind briefly testing our new integer array implementation?

nc localhost 22228

Difficulty estimate: easy - medium

arraymaster2

We improved our security with more mitigations.

nc localhost 22229

Difficulty estimate: hard