Official discussion thread for Space pirate: Retribution. Please do not post any spoilers or big hints.
Hi everybody,
I’m stuck in this challenge. I think I have found the vulnerability but now I don’t know how to proceed. Any hint would be greatly apreciated.
Thanks in advance
To develop the exploit for the vulnerability, I used the excellent toolkit in Python p******s
. You can find the toolkit and the used technique by web searches.
Thanks @xtal. I think my explanation was erroneus in the last post. (I don’t want to reveal any info about the challenge)
In other words, as a first step to solve the challenge I discover the vulnerability but now I don’t know how to exploit it. I think I need to leak some data to know something related to libc but I don’t see how.
A bit of light here would be great.
Thanks in advance
You have the same thought as I. Because you found the vulnerability I am very sure you have seen the leak. May be you have not not yet recognized the leak or not recognized the possibilities of the leak you have seen.
Now this is retired here is my write-up https://www.kissprogramming.com/?deadbeef=write-up&cafebebe=Space%20pirate:%20Retribution. However, I will urge you to not look at my pwntools script without understanding my explanation of the exploit first.