@Chobin73 said:
Ok, i’ve already spent more than 10 days onto this behemoth…getting user’s flag has been a gigantic learning experience (thanks also to @TazWake) , but i have to admit that root is out of my reach for now.
If anyone wants to give me one or more nudges, it’ll be more than welcome. for now the only thing that i can say is that maybe i have understood what to do, but i am almost completely illiterate onto this branch of exploitation…
Pretty much in the same boat. I have an idea of what the attack needs to be, I just cant seem to get it to work. I took me days to get control of the registers, let alone turning that into anything useful.
(embarrassingly it took me a few hours realise I was analysing it on the wrong platform at first…)