Official Cosy Casino Discussion

Official discussion thread for Cosy Casino. Please do not post any spoilers or big hints.

I’ve got an exploit working against this binary running in a representative environment (i.e. same version of libc, ld-linux-x86-64, libpthread etc) but it’s not working against the challenge server. The challenge server is also not behaving the same as the binary I’ve downloaded. E.g. the show_gems function doesn’t appear to be included (or working), as it never prints out your current total in the menu. E.g. I never get anything like this over the network connection:

[*] Current ?: [70]

However, the behaviour of the app shows that the gem count is maintained internally.

[EDIT] I was being stupid. The show_gems function outputs to STDERR, which explains why I’m not seeing it on the output from the challenge server (which is only displaying STDOUT).

I’ve also got something working against a local version but can’t reproduce it with the server, and it’s not the behavior of show_gems printing to stderr. I’m getting to a point locally where I can send a payload and receive at least a puts response to know that I’m executing, and I get nothing back when I try to send it for real.

Please DM to discuss.

That was fun. Nice challenge!! Feel free to send me a DM if you need help.