https://app.hackthebox.com/challenges/821

Description

Que onda! Welcome to the festival of Pwn! This is a small guide to help you continue your journey, follow the instructions in README.txt

Exploitation

#!/usr/bin/python3
from pwn import *

def get_process():
    try:
        host, port = sys.argv[1].split(':')
        return remote(host, int(port))
    except IndexError:
        print(f'Usage: python {sys.argv[0]} <ip:port>')
        exit(1)

p = get_process()
p.sendline(b'flag')
response = p.recvall().decode('utf-8', errors='ignore')
p.close()
flag = re.search(r'HTB\{.*?\}', response)
if flag:
    print(flag.group(0))
else:
    print("Flag not found")

Summary

Que Onda: build the exploit primitive, stabilize the payload, and use it to read the flag.