Tags: pwn 


bof + correct_catflag_string + system

Original writeup (http://dann.com.br/tamuctf-2017-pwn200-pwn4/).
HugoDelvalApril 25, 2017, 4:52 p.m.

Was there a way to get a shell ? I tried to write "/bin/sh" in the stack then push the address of this string as the argument of system(), but it seemed to me that ASLR was in use.