Posted on by and filed under MMA CTF 2016.

After opening the binary up in IDA, it was pretty obvious that we needed to exploit a format string vulnerability. It looks like the flag was declared as a global variable, which means it will have a static address in the .bss Section. This definitely makes our lives easier. See the full writeup here.