This challenge is brought to us courtesy of picoGym, which is picoCTF's year round training platform. The challenge provides 3 files: libc.so.6, Makefile, and vuln. All three files, and the code used in this walk-through, can be found in my GitHub repo at https://github.com/ChrisCHumphreys/picolab/tree/main/heres_a_lib_c . Also, a huge thanks to guyinatuxedo, whose resources at https://guyinatuxedo.github.io/index.html were invaluable in helping me to learn this stuff. On my system at least, the executable would not work due to my having a different libc in use than the one the program was originally compiled with. I fixed this by running pwninit on the file and generating a version of vuln that uses the libc provided with the challenge. The name of this new modified file is vuln_patched. pwninit can be found at https://github.com/io12/pwninit . First, running checksec on this executable shows that very few protections are enabled, but that the...
