Official Format Discussion

Official discussion thread for Format. Please do not post any spoilers or big hints.

Any nudges for this one? I have figured out a method to write to memory addresses in the stack but can’t really figure out where/how to get to the flag.

anyone know if its possible to write less than2 bytes / 4 digit?
%hn seems to be the smallest

I could use a nudge too. I‘ve an idea but fail on writing anything

Hi guys. I think i miss something in this challenge. I leak anything in binary and can write anything anywhere, but i can’t found a solution to manipulate/stop the infinite loop.

ROP failed due to infinite loop.
GOT Rewrite failed too due to Full-Relro.

I have leak the PIE, the canary and the libc base address.
This binary seem to be easy …

Can someone help me ?

Thanks in advance

Feel free to dm me for any doubts.

Done and Dusted! Thx @ollypwn for fun challenge.

If anyone is interested in exchanging and discussing solutions, please feel free to PM me.

Hello, I managed to “solve the challenge locally”, but when I try to connect to the server it raises an error about a file:
“/home/ctf/ line 3: 28 Segmentation fault ./format”

I don’t really believe this is due to my script, has someone experienced the same issue?

I have a payload that makes the binary generate a reverse shell that works on the one I downloaded, but it doesnt work against the remote.
Anyone able to help?

Type your comment> @AlexZander said:

Feel free to dm me for any doubts.

Please contact me on discord for quicker response :- Alex Zander#0764