The binary has a simple stack overflow vulnerability.
We can't leak memory because there is no `write` function in the GOT.
Also, we can't overwrite the return address because of the calling convention.
By applying a stack pivot and return-to-dl-resolve, we can call `system("/bin/sh")`.

[writeup](https://ptr-yudai.hatenablog.com/entry/2019/03/25/152043#Pwn-1000pts-Baby-two)
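
A defender-side check for the technique named above, added here as an example and not taken from the original writeup: classic return-to-dl-resolve relies on lazy symbol binding, so a binary linked with full RELRO (`-z relro -z now`) does not leave that resolver path set up. The names `relro_level` and `sample_elf32` are assumptions, and the sample image is a constructed, header-only ELF32.

```python
import struct

PT_DYNAMIC, PT_GNU_RELRO = 2, 0x6474E552
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1

def relro_level(elf: bytes) -> str:
    """Return 'full', 'partial' or 'none' for a little-endian ELF image."""
    if elf[:4] != b"\x7fELF" or elf[5] != 1:
        raise ValueError("not a little-endian ELF file")
    is64 = elf[4] == 2
    if is64:  # e_phoff at 32, e_phentsize/e_phnum at 54
        phoff, = struct.unpack_from("<Q", elf, 32)
        phentsize, phnum = struct.unpack_from("<HH", elf, 54)
    else:     # e_phoff at 28, e_phentsize/e_phnum at 42
        phoff, = struct.unpack_from("<I", elf, 28)
        phentsize, phnum = struct.unpack_from("<HH", elf, 42)
    has_relro = bind_now = False
    for i in range(phnum):
        base = phoff + i * phentsize
        if is64:
            p_type, _, p_offset, _, _, p_filesz = struct.unpack_from("<IIQQQQ", elf, base)
        else:
            p_type, p_offset, _, _, p_filesz = struct.unpack_from("<IIIII", elf, base)
        if p_type == PT_GNU_RELRO:
            has_relro = True
        elif p_type == PT_DYNAMIC:
            # Walk the dynamic entries looking for any "bind now" marker.
            dyn = elf[p_offset:p_offset + p_filesz]
            for tag, val in struct.iter_unpack("<QQ" if is64 else "<II", dyn):
                if tag == DT_NULL:
                    break
                if (tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW)
                        or (tag == DT_FLAGS_1 and val & DF_1_NOW)):
                    bind_now = True
    if has_relro and bind_now:
        return "full"      # GOT read-only, symbols resolved at load time
    return "partial" if has_relro else "none"

def sample_elf32(dyn_entries, relro):
    """Constructed minimal ELF32 image (headers only, not a runnable binary)."""
    dyn = b"".join(struct.pack("<II", t, v) for t, v in dyn_entries + [(DT_NULL, 0)])
    phdrs = [(PT_DYNAMIC, 116, len(dyn))] + ([(PT_GNU_RELRO, 0, 0)] if relro else [])
    ehdr = b"\x7fELF\x01\x01\x01" + bytes(9) + struct.pack(
        "<HHIIIIIHHHHHH", 2, 3, 1, 0, 52, 0, 0, 52, 32, len(phdrs), 0, 0, 0)
    body = b"".join(struct.pack("<IIIIIIII", t, off, 0, 0, size, size, 4, 4)
                    for t, off, size in phdrs)
    return ehdr + body.ljust(64, b"\0") + dyn
```

To check a real file, pass its bytes: `relro_level(open(path, "rb").read())`.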