0x0 Introduction
Can you guess my name?
nc challs.actf.co 31223
whatsmyname whatsmyname.c
Author: JoshDaBosh
files: whatsmyname, whatsmyname.c
0x1 Mitigation
1 | Arch: amd64-64-little |
0x2 Vulnerability
The program basically wanna us to enter 48 bytes guess
, program will generate 48 bytes myname
from /dev/urandom
. if guess
and myname
is same, program will print out the flag.
it is not possible to guess it right. However, we can use null-terminated string bug to leak myname
. Then we can enter the same name to get the flag.
0x3 Exploit
1 | io = start() |
0x4 Flag
actf{i_c0uld_be_l0nely_with_y0u_a21f8611c74b}