Need help lab6B rpisec's MBE

I’m doing the RPISEC’s Modern Binary Exploitation series of challenges
But i’m totally stuck for days on the lab6B… So I decided to look for the solution and … I don’t understand nothing about this exploit…
So I’m here to ask you for help if you did the MBE, I would really like to have som help to understand this challenge…
Here is the working exploit :

Thanks !

You mentioned lab4B yet you link to lab6B’s exploit.

Oh sorry i’ts the lab6B ! I edit my message

Helping you wouldn’t help you actually, if you know what I mean. Unless you’re stuck for at least 2-3 weeks then feel free to look at solutions. Here’s another explanation. Have you identified the bug? That lab might require some tiny bruteforcing iirc.

Ok thank you !
So even If I’m stuck for days I shouldn’t look a the solution unless it lasts 2-3 weeks ? When i’m stuck for days I feel like i’m stupid ^^, and I don’t have the feeling to improving myself very much , maybe because I give up too quickly ?

I think there is an off by one vulnerability in the 2 strncpy in login_prompt.

There are pwnables which have taken me more than 2-3 weeks! This non-stop back and forth between repeated failures will teach you more than if you had solved the challenge within the first day. Just keep at it.

Ok thank you, I’ll try harder :smiley:

1 Like