MetaCTF September 2024 Flash CTF consists of 5 challenges. Only 3 of them are covered here. Stack Smashers This is the first challenge. We are given the source code for a small C program that takes user input, writes it to a 16-byte buffer (buffer[16]), and then checks if memory.winner is set to true. If it is, the win() function is executed, which prints out the flag. The program uses gets() to read the input....
In this challenge, we are provided with an executable, as well as an address and a port to connect to via netcat. After connecting, we are asked to enter a name. With a little manual “fuzzing,” we discover that the application crashes with a “Segmentation fault” error when the input exceeds 25 characters. Let’s first examine the type of file provided: $ file buffers buffers: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64....