Official Oxidized ROP Discussion

Official discussion thread for Oxidized ROP. Please do not post any spoilers or big hints.

New here, can anyone give me a few hints to get started in the right direction? I tried nmap, but nothing useful is popping up, unless I am doing it wrong by using the wrong flags. Any help would be highly appreciated :slight_smile:

It’s a pwn challenge so you need to find a way to exploit the executable (binary exploitation stuff) and get the flag (check out the files for the challenge). Do that locally first and after that just repeat the steps on the remote target.

Hello guys, so I’m able to overwrite the place that opens the doors, but I’m unable to figure out the correct payload to place the correct value there. Any help?

Hey guys. I’ve been on this challenge for more than a day. Can I get any help with it? I have figured out the changes to be done in the Rust file that is downloaded locally. But I am unable to figure out how to edit the same file in the same way on the Docker instance for the executable to behave the same way it behaves on my local system. Can anyone personally connect with me and discuss?

How do I repeat the steps on the remote target? How do I edit the files on the Docker instance?

If you are starting with binary exploitation CTF challenges, it’s a good idea to check out something like https://guyinatuxedo.github.io/ or Overview - CTF 101

This was tricky but I eventually got it. For me it took a lot of trial and error and I only sort of understand how it works. Would love to chat with someone who could help explain why my solution works :smile:

There’s a special value I needed and rather than deriving it, I trial and error-ed to get there with the debugger, but I’d love to know how I could actually derive it.

Anybody have some pointers on how to exploit Rust binaries? Haven’t found much around :smiley:

I’ve had fun playing with reversing/debugging Rust, which is completely new to me. Found the bug pretty quickly and have a theory on how it can be exploited, but am having trouble overcoming the quirk in this challenge. Any advice on how to work around the limitations imposed in the UB?

Just take it easy and look at it as a normal C binary.

Just cleared this one, took me about half an hour ^_^.
A really nice challenge that tells you not to look for the normal bugs you know; sometimes the main bug can be in the logic of how the program works, and the programmer’s mistakes can also lead to bugs.
My hint:
Always check how the function deals with your input; maybe it’s taking something to another place it should not.
For those who know what I’m talking about but still can’t solve it, a lil search about strings in Rust and also the way they look in memory will tell you that it’s uni****.