Tags: pwn 

Rating: 5.0

Buffer overflow, call puts for libc infoleak, use oneshot gadet. Checkout writeup for a much more detail explanation.

https://github.com/guyinatuxedo/ctf/tree/master/defconquals2019/speedrun/s2