Pwnable
Exploit your way to the secret flag
Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth.
The objective of this challenge is to exploit a remote service and claim a secret flag. This challenge requires knowledge of reverse engineering, buffer overflows, memory disclosure vulnerabilities, bypassing Address Space Layout Randomization, and crafting exploit code to execute commands remotely.
Once you have successfully obtained the flag, send your resume and flag to careers@praetorian.com.
The challenge
Through limited access to the server, we have obtained an old version of the exploitable binary, which may be downloaded below. It appears this old version was designed to be run locally, but it generally mirrors the functionality of the Internet-connected version. Feel free to use whatever techniques come to mind to determine the purpose of the binary. Once you are confident in your ability to crash the binary in a controlled manner, connect to the live server at pwnable.praetorian.com:2888.
IMPORTANT: For reasons unknown to you, the server only allows outbound connections on port 4444 and allows no inbound connections (except 2888). Keep this in mind while crafting your exploit. Additionally, you can obtain the flag by running /bin/flag pwnable@example.org with your email address as the first argument.
Will you be next? We’ll be watching.
But feel free to reach out via Twitter @PraetorianLabs.