My Secret
Challenge
mysecret.zip
Type: format string, read.
Difficulty: beginner.
Analysis
We can easily figure out this is a classic format string bug from these 2 lines:
    fgets(answer, sizeof(answer), stdin);
    [...]
    printf(answer);
The flag is read from flag.txt into a buffer on the heap, and the address of this buffer is stored in char* secret. So we need to find where secret sits on the stack; then, by using the %s format specifier, we can read a string at an address value and print it out to termi...
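For comparison, the hardened form of the two lines quoted in the analysis, as an added example that is not part of the challenge source. The function names echo_safe and count_directives and the sample inputs are hypothetical; the vulnerable call is kept only as a comment.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern from the challenge (shown as a comment, not compiled):
 *     fgets(answer, sizeof(answer), stdin);
 *     printf(answer);      // user input is interpreted as the format string
 */

/* Hardened echo: the input is only ever an argument, never the format.
 * Writes into out so the result can be checked; returns the length that
 * snprintf reports for the full string. */
int echo_safe(char *out, size_t outsz, const char *answer)
{
    return snprintf(out, outsz, "%s", answer);
}

/* Count conversion directives in untrusted text: a '%' that is not part of
 * an escaped "%%". Useful as a review or logging check, not as the fix. */
size_t count_directives(const char *s)
{
    size_t n = 0;
    for (size_t i = 0; s[i] != '\0'; i++) {
        if (s[i] != '%')
            continue;
        if (s[i + 1] == '%') {  /* "%%" is a literal percent sign */
            i++;
            continue;
        }
        n++;                    /* also counts a trailing lone '%' */
    }
    return n;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "hello", "100%% sure", "%s", "name: %s %s" };
    char out[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        echo_safe(out, sizeof out, samples[i]);
        printf("directives=%zu echoed=[%s]\n",
               count_directives(samples[i]), out);
    }
    return 0;
}
```

With the fixed format, the directives in the input are printed back as plain characters and no stack arguments are consumed.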