A New PWN Challenge!
This is a nice challenge, somewhat similar to ropmev2 it replaced.
Can I PM someone for a nudge?
Simple challenge
Hi, I’m stuck and need a little push in the right direction.
I can redirect the IP to point on the stack but there’s not that much ‘space’… Any hint would be great.
You can send me a PM r4gus! I just completed this challenge and I wouldn’t consider my solution as simple, so maybe there is an easier way… but I’m quite new to this, so maybe my judgment of what is easy or not is a bit off… Really enjoyed it though!
It’s actually not hard tbh
@ano12 Can I send you my solution in a PM, to check whether my solution is the intended way?
Does anybody try to get root after getting in?
@Artem1s Yes : )
Spoiler removed
Would anyone be up for a PM so I can bat some ideas against them? I think I know where to go with this one, but am stuck.
Yes, you can send me a PM @whipped!
I have a couple of techniques that work against the local binary, but nothing works against the remote server, can’t leak anything! Only seg faults remotely, but leaks locally.
Update: Solved it. It helps to put in the correct PLT addresses in your code. Had the solution days ago, but this simple typo wasted 5 days of debugging…
Was anyone able to do this without ropping? Seems it should be doable from looking at the mitigations on the binary
@Rembown said:
Was anyone able to do this without ropping? Seems it should be doable from looking at the mitigations on the binary
Yes, the intended way was without using rop.
Done with ROP…
So, I’m new to this and I’m trying to connect to the instance via the docker site but I’m not able to. I’ve tried docker.hackthebox.eu:(port here) but it doesn’t work like the web instance challenges. Tried http:// and https:// with no luck either. I’ve checked to make sure it isn’t being blocked but don’t really think I’m able to even start on this one since I can’t get to the instance. Any help is appreciated.
@Ranger32 said:
So, I’m new to this and I’m trying to connect to the instance via the docker site but I’m not able to. I’ve tried docker.hackthebox.eu:(port here) but it doesn’t work like the web instance challenges. Tried http:// and https:// with no luck either. I’ve checked to make sure it isn’t being blocked but don’t really think I’m able to even start on this one since I can’t get to the instance. Any help is appreciated.
This is a binary exploitation challenge. You’re not going to be able to exploit it using a browser… Try researching methods of remote binary exploitation by connecting to the remote instance with netcat (or nc).
If you are trying to connect to this challenge with a browser, you are likely misinterpreting the meaning of a “pwn” challenge. Best of luck!
Can anyone please point me in the right direction? I am having a problem getting a leak.