Introduction
This blogpost contains a writeup of the second phase of the Hack.LU 2013 Wannabe challenge. The first phase writeup can be found here: Hack.LU 2013 CTF Wannabe Writeup Part One: Web Exploitation
During the first phase, we managed to get ourselves a limited shell (www-data) on a webserver. In this phase, we had to exploit a custom C program compiled for Linux x64 which contained a couple of buffer overflow vulnerabilities. Because of some memory protection measures, a Return-Oriented Programming (ROP) approach was taken. The whole process is described in more detail below. Continue Reading