BoF works locally but not on remote

Currently working on a BoF challenge. I’ve downloaded the binary and wrote an exploit that uses shellcode. The return address (start of the buffer) is given when you run it, and the same each time. My exploit works fine on my local box, but when I do ‘cat payload | nc ip port’ it either segfaults or doesn’t give anything back. Anything I can look at?


  • GCIH
    If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )


  • Are you able to use pwntools? It makes it easy and clean

  • Try this:
    (cat payload; cat) | nc ip port

  • Depending on what you use with your payload, it might be that libc offsets are different on the target system. Just a wild guess, but something I ran into more than once ;)

    Hack The Box

Sign In to comment.