We covered a binary vulnerable to format string vulnerability in which the vulnerable code contains an implementation of printf statement that takes the user input directly as an argument without input filtering or validation. This leads the attacker to submit format string specifiers such as %x, %n or %p to leak or even modify values on the stack.. This was part of HackTheBox Leet Test Intro to Binary Exploitation track.

Fully working exploit script can be found here

Flag

HTB{y0u_sur3_r_1337_en0ugh!!}

Video Walkthrough

Buffer Overflow, CTF Writeups, HackTheBox, HackTheBox Leet Test

Show Comments

MasterMind Study Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Format String Vulnerability Explained | HackTheBox Leet Test

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Press ESC to close

Format String Vulnerability Explained | HackTheBox Leet Test

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Share Article:

You might also like

OffSec Proving Grounds: Crane Walkthrough | OSCP Prep

HackTheBox Spookypass Challenge Writeup

HackTheBox Permx Writeup