flaws.cloud is a series of AWS-based challenges with the aim of teaching about common mistakes and gotchas of the platform.

Jumping over to the Web Exploitation category for a change

In which I continue through the General Skills section of picoCTF

The challenge

The “Stonks” challenge from picoCTF2021 presents us with a binary epxloitation excercise, we are supposed to connect via netcat to an address presented to us as nc mercury.picoctf.net 53437 and we have a downloadable file titled vuln.c.

What is picoCTF? (from official website)

picoCTF is a free computer security education program with original content built on a capture-the-flag framework created by security and privacy experts at Carnegie Mellon University.

The following are my writeups on the first few “General Skills” challenges.