Official discussion thread for Space pirate: Retribution. Please do not post any spoilers or big hints.
Hi everybody,
I’m stuck in this challenge. I think I have found the vulnerability but now I don’t know how to proceed. Any hint would be greatly apreciated.
Thanks in advance
To develop the exploit for the vulnerability, I used the excellent toolkit in Python p******s
. You can find the toolkit and the used technique by web searches.
Thanks @xtal. I think my explanation was erroneus in the last post. (I don’t want to reveal any info about the challenge)
In other words, as a first step to solve the challenge I discover the vulnerability but now I don’t know how to exploit it. I think I need to leak some data to know something related to libc but I don’t see how.
A bit of light here would be great.
Thanks in advance
You have the same thought as I. Because you found the vulnerability I am very sure you have seen the leak. May be you have not not yet recognized the leak or not recognized the possibilities of the leak you have seen.
Thank you @xtal.
I will look more carefully and I will open my eyes as much as possible.
Regards
Now this is retired here is my write-up https://www.kissprogramming.com/?deadbeef=write-up&cafebebe=Space%20pirate:%20Retribution. However, I will urge you to not look at my pwntools script without understanding my explanation of the exploit first.