PWNABLE

Exploit your way to the secret flag.

Praetorian warrior

Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth.

The objective of this challenge is to exploit a remote service and claim a secret flag. This challenge requires knowledge in reverse engineering, buffer overflows, memory disclosure vulnerabilities, bypassing Address Space Layout Randomization, and crafting exploit code to execute commands remotely.


Once you have successfully obtained the flag, send your resume and flag to careers@praetorian.com.


Through limited access to the server, we have obtained an old version of the exploitable binary, which may be downloaded below. It appears this old version was designed to be run locally, but generally mirrors functionality of the Internet connected version. Feel free to use whatever techniques come to mind to determine the purpose of the binary. Once you are confident in your ability to crash the binary in a controlled manner, connect to the live server at pwnable.praetorian.com:2888.



IMPORTANT: For reasons unknown to you, the server only allows outbound connections on port 4444 and allows no inbound connections (except 2888). Keep this in mind while crafting your exploit. Additionally, the flag may be found at /home/problem/flag, no funny business here.