PlayerTwo write-up from limbernie

This has got to be one of the hardest box I’ve attempted because of the heap exploitation.

Awesome write up - as always!

This box nearly broke me. It started off hard and every single step got harder. Love the clarity around how you’ve described the final exploit - mine was a total mess as I tried all kinds of stupid things!

Well Done!)

Fine exploit for root but I would use ssh for remote exploitation.
You already have ssh key at this moment and ssh doesn’t demand upload and use socat.