Skip to content

Latest commit

 

History

History

goal

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
ctf.xinetd
ctf.xinetd
 
 
docker-compose.yml
docker-compose.yml
 
 
flag.txt
flag.txt
 
 
goal
goal
 
 
goal.c
goal.c
 
 
goal.zip
goal.zip
 
 
solve.py
solve.py
 
 
start.sh
start.sh
 
 

README.md

Goal

Description:

Can you reach the `goal()` function?

`nc localhost 1337`

[goal.zip]

Hint (if you want) - google "pwn stack alignment"

Writeup

This is a ret2win problem that requires dealing with stack alignment issues. In my solve, I just returned to goal()+1, but you can also make a ROP chain with a single ret gadget in front. See solve.py.

Flag - byuctf{SIUUUUUUUUUUU!!}

Hosting

goal was compiled with the command gcc -o goal -no-pie goal.c.

This challenge should be a Docker container that runs goal on port 1337. All the proper files are included in here. The command to build the docker container is (when located inside of this directory):

docker compose up -d

To stop the challenge:

docker compose down