Skip to main content

2. Stack Overflow

Challenge Overview

In this challenge, you need to exploit a stack buffer overflow vulnerability in a simple C program. Through the exploitation, you need to execute a function, get_flag(), which is should not be called. Your goal is to overflow the buffer and overwrite the program's memory such that the program's execution jumps to the get_flag() function, which will give you flag.txt.

Buffer Overflow

A buffer overflow happens when you put more data into a buffer (a temporary storage area) than it can hold. This extra data can spill over into other parts of memory, causing the program to behave unexpectedly. Attackers can use this to take control of the program.

Downlaod

You can download the challenge from our CTF server. (http://kayle.snu.ac.kr:10000/)

Due date

Submission

Once you've obtained the flag, please submit it to our CTF server. Then, submit both your exploit code and a 1-page report through ETL. Your report should briefly explain the code you used to get the flag and how you solved the challenge. Please do not cheat, share your flag, or disclose your solutions. Ensure that your report is strictly limited to 1 page.

Before submitting, use this command to compress your files: zip report.zip solve.py report.pdf. Make sure to rename your exploit code to solve.py and your report to report.pdf before running this command. Finally, submit report.zip through ETL.