I’m looking for a hint on what I’m doing wrong on this challenge. I am able to open a shell in the local binary. I adapted the binary to leak the remote printf address and calculate the correct remote libc functions addresses. However no remote shell is spawned and I receive the "LOL NOPE." message.
I am able to use arbitrary strings when I call the local and remote system() libc function. I tried with /bin/bash, /bin/sh, flag, getflag, cat flag.txt, etc... without success. I still receive the string "LOL NOPE."
Do you have any hints? Any help really appreciated?