Type your comment> @killinem said:
Hi guys) I have two questions:
- I follow the bitterman ippsec video way and developed the exploit. This exploit works in ellingson box also and gives a shell. But it doesn’t give a shell in this challenge, even locally on kali box! I get the “Got EOF while reading in interactive” error. What am i missing? PM, please:(
- I understand how to pwn the binary, but i can’t understand how to pwn the remote web service:( Where should i place my payload? In the body of post request? Or in the uri in GET request? Or where? Any hints really appreciated)
I’m not sure what “remote web service” you’re talking about? If you click “start instance” in this challenge, you should get a hostname and port. If you connect to that, you should get the same string you get when you run the binary locally:
$ nc docker.hackthebox.eu 33853
ROP me outside, how 'about dah?
Your exploit should just be sent to that socket server.
Also: Posting the same question in four different threads is really unnecessary.