With all that recent hype about VPNs and everything good ol’ hxp had to up their crypto game, so we added network-based security to this flag dispenser. We think that–despite our age–we’re still perfectly capable of producing flawless C code, but to be extra safe, we cranked up the compiler-based defenses during compilation of the server and enabled clang’s safe stack.

Besides the server we provide captured traffic from and to that port for you to analyse, could you please check that we got it right?

Note: We did not modify the source code of the statically linked crypto library.

Download: https://2022.ctf.link/assets/files/secure_flag_dispenser-3e953071990b9bd6.tar.xz