Cyber Apocalypse 2022 — Space Pirate: Going Deeper

Going Deeper is a Pwn Challenge from Cyber Apocalypse 2022.

Decompiling

After decompilation with Ghidra there was an interesting function called admin_panel. It contains a subsroutine which checks for a specific input:

Exploiting

To exploit the challenge we had to start the instance and connect to it via Netcat. I have wrote the following script, which connects to the service and sends the string in line 29 to the service after selecting “Login” option:

Then I have run the script with Python 2:

python2 exploit_remote.py

And was able to receive the flag: