Hacking Insights by Max Bautista

El Mundo writeup

Challenge name: El Mundo

Difficulty: Easy

Challenge Scenario: You may not control time, but you can certainly control the flow of your program! Use your stand to bend it to your will!

Link: https://app.hackthebox.com/challenges/El%2520Mundo?tab=play_challenge

Machine IP: 154.57.164.67:32163

Navigated to the site and downloaded the files. It looks like another buffer overflow.

It already gives us a script too.

It gives us the steps of what we need to overflow. Edited the code nybytes = 46 and overwriting the return address with the address of read_flag() 0x4016b7.

Also change it to run locally.

Ran it and I got the test flag. Set it back to False. Ran it against the machine and I got the real flag.

./solver.py 154.57.164.67 32163

El Mundo writeup

Share this:

Leave a comment Cancel reply