A New PWN Challenge!
This is a nice challenge, somewhat similar to ropmev2 it replaced.
Can I PM someone for a nudge?
Simple challenge
Hi, I'm stuck and need a little push in the right direction.
I can redirect the IP to point on the stack but there's not that much "space"... Any hint would be great.
You can send me a PM, r4gus! I just completed this challenge and I wouldn't consider my solution as simple, so maybe there is an easier way... but I'm quite new to this, so maybe my judgment of what is easy or not is a bit off... Really enjoyed it though!
It's actually not hard tbh
@ano12 Can I send you my solution in a PM, to check whether my solution is the intended way?
Does anybody try to get root after getting in?
@Artem1s Yes : )
Spoiler removed
Would anyone be up for a PM so I can bat some ideas against them? I think I know where to go with this one, but am stuck.
I have a couple of techniques that work against the local binary, but nothing works against the remote server, can't leak anything! Only seg faults remotely, but leaks locally.
Update: Solved it. It helps to put in the correct PLT addresses in your code. Had the solution days ago, but this simple typo wasted 5 days of debugging...
Was anyone able to do this without ropping? Seems it should be doable from looking at the mitigations on the binary
@Rembown said:
> Was anyone able to do this without ropping? Seems it should be doable from looking at the mitigations on the binary
Yes, the intended way was without using rop.
Done with ROP...
So, I'm new to this and I'm trying to connect to the instance via the docker site but I'm not able to. I've tried docker.hackthebox.eu:(port here) but it doesn't work like the web instance challenges. Tried http:// and https:// with no luck either. I've checked to make sure it isn't being blocked but don't really think I'm able to even start on this one since I can't get to the instance. Any help is appreciated.
@Ranger32 said:
> So, I'm new to this and I'm trying to connect to the instance via the docker site but I'm not able to. I've tried docker.hackthebox.eu:(port here) but it doesn't work like the web instance challenges. Tried http:// and https:// with no luck either. I've checked to make sure it isn't being blocked but don't really think I'm able to even start on this one since I can't get to the instance. Any help is appreciated.
This is a binary exploitation challenge. You're not going to be able to exploit it using a browser... Try researching methods of remote binary exploitation by connecting to the remote instance with netcat (or nc).
If you are trying to connect to this challenge with a browser, you are likely misinterpreting the meaning of a "pwn" challenge. Best of luck!
Can anyone please point me in the right direction? I am having a problem getting a leak.