dc2020q - supersafecalc
This was a jeopardy challenge, part of dc2020q. (CTFtime)
Points: 315
Was solved by:
6
teams
PCAPs:
download
You may spawn the server:
On your laptop
- Install docker
docker pull archiveooo/pub:supersafecalc
(docker-saved download)docker run -d --name supersafecalc archiveooo/pub:supersafecalc
- Local IP:
docker inspect supersafecalc -f '{{ .NetworkSettings.Networks.bridge.IPAddress }}'
- Connect to that IP:6789 —
Remember to
docker rm -f
when done.
On your laptop (full source)
Hosted by OOO
Right now we're asking players to login first.Description
A really safe calculator. The flag is in /flag
Hints
Hint 1
Start by thinking how you can trigger SIGFPE in a permissible way.Hint 2
It still involves division, but not in the usual way.Hint 3
Can you allocate memory for what doesn't have it?Hint 4
You need to exploit a race condition. It shouldn't take too much time and it does happens with fair reliability, but you may still want to practice on your laptop to ease retrying.If you wish, you can contribute more.
There's an author-recommended writeup.