Category: pwn, script
Author: condiom
The only friends we got is Rick and Morty, Morty! We gotta take revenge on those parasites, Morty.
Giving them a taste of their own BURRRP their own medicine. We gotta impose the impostors, Morty.
Two binaries are given to the user in random order after connecting to the service:
- Buffer overflow of the return address.
  The goal is to overwrite the return address with realRick (we need to find the iAmRealRick{X} function that calls exit(0)).
- Format string vulnerability.
  The goal is to overwrite the puts GOT entry with realMorty (we need to find the iAmRealMorty{X} function that calls exit(0)).
A solution that performs the above steps is provided in sol.py. Use the following:
Run against the local Docker container:
    python3.7 sol.py
Run against CyberRanges (IP might change in sol.py):
    python3.7 sol.py R