ig-ctf-solutions/write-ups-challenges-2019-2020
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
be3cd0d84b
write-ups-challenges-2019-2020/call_me_maybe
History
Robbe De Greef be3cd0d84b initial commit
2022-11-24 22:43:03 +01:00
..
solve initial commit 2022-11-24 22:43:03 +01:00
call_me_maybe initial commit 2022-11-24 22:43:03 +01:00
call_me_maybe.c initial commit 2022-11-24 22:43:03 +01:00
call_me_maybe.o initial commit 2022-11-24 22:43:03 +01:00
Dockerfile initial commit 2022-11-24 22:43:03 +01:00
README initial commit 2022-11-24 22:43:03 +01:00
test.sh initial commit 2022-11-24 22:43:03 +01:00

README 

== Call me maybe ==

=== Description ===

We are given a mysterious address, can we use it to recover the flag?

=== Flag ===

Whatever is set in the environment variable IG_FLAG

=== Public Files ===

No file should be given

=== Challenge internals ===

Classical buffer overflow, replace the return address with address given, this will print the flag.
Basically, just enter 40 A's and the address in little endian.

+-------------------------+-----------------+-----------------+
|      32 byte buffer     |   EBP 8 bytes   |     RET ADDR    |
+-------------------------+-----------------+-----------------+
   ^replace with A            ^replace with A       ^replace with addr
       

=== Deployment instructions ===

TODO, something something netcat?