Tags: binaryexploitation pwn
Rating:
Buffer overflow with a stack canary
Format string printf, except only lower case characters were allowed (a-z)
Bypass this with a buffer input size of anything that ends in 0x00. (0x100, 0x200, 0x300)
Use format string to leak stack, leak stack cookie, leak libc, and write to rop chain to call system("/bin/sh").
Trigger rop chain and win!
