Very good. Learned a lot.

Hard for the beginners generally.

HINT: The buffer and the flag take 64byte for each, so 8byte at each address means you have 8 address start from 0 to 7 : the buffer, then 8>15 : the flag. (search of String format vuln)

so ez

How rid off 0x00 in address

Any tips ? I made a for to see every string on the stack but it just doesn't work and I have no idea

https://infosecwriteups.com/exploiting-format-string-vulnerability-97e3d588da1b<br /> Reference to learn about this challenge

https://infosecwriteups.com/exploiting-format-string-vulnerability-97e3d588da1b<br /> Reference to learn about this challenge

https://infosecwriteups.com/exploiting-format-string-vulnerability-97e3d588da1b<br /> Reference to learn about this challenge

I cant understand the problem i am soo confused how to solve it i have tried many ways that i created a flag file and inserted 63 A's in it to overflow the flag buffer and buffer with 64 A's but also i am not getting how to do it could any one explain enough for me to do it on my own

you are close, keep digging in this direction. Flag is longer than the part you posted.

the flag made my head hurt :((

really nice one

how to print flag in format String?

That is exactly the thing to do in this task :)

i can't see the stack in gdb

give me a hint

Very good. Learned a lot.

Hard for the beginners generally.

HINT: The buffer and the flag take 64byte for each, so 8byte at each address means you have 8 address start from 0 to 7 : the buffer, then 8>15 : the flag. (search of String format vuln)

How rid off 0x00 in address