We just recevied our latest correspondence from Catmen in the field:
K9's can't coordinate if they can't keep their time and date server secure. We've previously hacked it using a buffer overflow, but they've recently added new security features, including enabling the NX bit and compliling the code with stack canaries. They think they are 100% protected but luckily I have you! Show them what you're made of!
Once you've had a chance to audit the "new and improved" timeserver
binary for weaknesses, use it to take control of their server, which you can access at [docker_host:port]
. Once you've gained access, retrieve any sensitive information you can find and get out.
The hint is in the file "challenge/.hint"