We're given an ELF file with parts removed from and replaced with "XXXXX". However, we have symbol information - we can use symbols to determine the length of various functions, which should begin with valid prologues and epilogues.

We can then juggle the fragments we're provided, so the function prologues and epilogues match the function lengths provided.

Full URL: https://advancedpersistentjest.com/2018/05/14/writeups-elf-crumble-defcon-quals/

Original writeup (https://advancedpersistentjest.com/2018/05/14/writeups-elf-crumble-defcon-quals/).