write-ups-challenges-2019-2020/call_me_maybe/README
2022-11-24 22:43:03 +01:00

29 lines
759 B
Plaintext

== Call me maybe ==
=== Description ===
We are given a mysterious address, can we use it to recover the flag?
=== Flag ===
Whatever is set in the environment variable IG_FLAG
=== Public Files ===
No file should be given
=== Challenge internals ===
Classical buffer overflow, replace the return address with address given, this will print the flag.
Basically, just enter 40 A's and the address in little endian.
+-------------------------+-----------------+-----------------+
| 32 byte buffer | EBP 8 bytes | RET ADDR |
+-------------------------+-----------------+-----------------+
^replace with A ^replace with A ^replace with addr
=== Deployment instructions ===
TODO, something something netcat?