Username: 
Password: 
Restrict session to IP 

Dead end?  Go to the Training: Warchall - 7 Tropical Fruits challenge

Global Rank: 7764
Totalscore: 1192
Posts: 1
Thanks: 1
UpVotes: 1
Registered: 1y 141d
Last Seen: 280d 18h
The User is Offline
Dead end?
Google/translate1Thank You!1Good Post!0Bad Post! link
I've been trying to solve this challenge for some time but I've ran out of ideas. The elf x86-64 binary is position independent so I can't predict or bruteforce the addresses of the gadgets needed for ROP or stack juggling since there is no information leak, Even though the stack is executable I didn't find any way to redirect the execution to some useful address on the stack. What am I missing?
Global Rank: 5
Totalscore: 550113
Posts: 225
Thanks: 232
UpVotes: 233
Registered: 15y 65d






Last Seen: 5s
The User is Online
RE: Dead end?
Google/translate1Thank You!1Good Post!0Bad Post! link
The challenge hasn't been solved since the server move, so it might be broken -- haven't checked tho.
Can anyone confirm if it is working (or not)?
Global Rank: 13577
Totalscore: 194
Posts: 1
Thanks: 1
UpVotes: 1
Registered: 345d 4h
Last Seen: 325d 19h
The User is Offline
RE: Dead end?
Google/translate1Thank You!1Good Post!0Bad Post! link
Quote from cyberrac
Aug 18, 2023 - 06:10:58

I've been trying to solve this challenge for some time but I've ran out of ideas. The elf x86-64 binary is position independent so I can't predict or bruteforce the addresses of the gadgets needed for ROP or stack juggling since there is no information leak, Even though the stack is executable I didn't find any way to redirect the execution to some useful address on the stack. What am I missing?
Global Rank: 5
Totalscore: 550113
Posts: 225
Thanks: 232
UpVotes: 233
Registered: 15y 65d






Last Seen: 5s
The User is Online
RE: Dead end?
Google/translate1Thank You!2Good Post!0Bad Post! link
We changed the challenge a bit to reflect the behavior of the original binary. This also gives as the opportunity for a sequel. ;)
Happy challenging!
Redknee, ckclark, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 1779 times.