Skip to content

Latest commit

 

History

History

ropscotch

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 
 
 
 
 

ROPscotch

500 Points

Description

We just recevied our latest correspondence from Catmen in the field:

K9's can't coordinate if they can't keep their time and date server secure. We've previously hacked it using a buffer overflow, but they've recently added new security features, including enabling the NX bit and compliling the code with stack canaries. They think they are 100% protected but luckily I have you! Show them what you're made of!

Once you've had a chance to audit the "new and improved" timeserver binary for weaknesses, use it to take control of their server, which you can access at [docker_host:port]. Once you've gained access, retrieve any sensitive information you can find and get out.

Hint

The hint is in the file "challenge/.hint"