Tags: got one_gadget bufferoverflow heap 

In the `PlaidCTF 2018 - shop` challenge, there is a `buffer overflow` vulnerability that allows us to leak the `heap` and `libc` base addresses. Finally, we can overwrite `put@GOT` with a `one gadget` in order to execute `/bin/sh`. This is an interesting `heap exploitation` challenge for learning how to bypass protections like `NX`, `Canary`, and `ASLR` in `x86_64` binaries.

Original writeup (https://github.com/sajjadium/ctf-writeups/tree/master/PlaidCTF/2018/shop).