Tags: pwn 

Format String + Buffer Overflow vulnerability

ASLR + NX bit + PIE + Full RELRO + Stack Canary enabled

Use the format string vulnerability to leak the stack canary and a libc address. Calculate the libc base, find a one gadget, then use the buffer overflow to jump to the one gadget.

Detailed writeup at the link.

Original writeup (https://syedfarazabrar.com/pwn/2019/08/23/hackcon-not-so-easy-b0f.html).
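For the defensive side of the two bug classes named above, here is an added example (not code from the writeup or from the challenge binary, whose source is not shown on this page) with the vulnerable pattern as a comment and a hardened form beside it. The function names `read_bounded` and `echo_safe` and the sample inputs are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (comment only, not compiled; assumed shape of such a bug):
 *     char buf[16];
 *     gets(buf);     // unbounded write: runs past buf into canary and return address
 *     printf(buf);   // input used as the format string: %p leaks stack words
 */

/* Bounded copy: writes at most cap-1 bytes plus a NUL terminator.
 * Returns 0 if the input fit, 1 if it was truncated, -1 if cap is 0. */
int read_bounded(const char *src, char *dst, size_t cap)
{
    size_t n;

    if (cap == 0)
        return -1;
    n = strlen(src);
    if (n >= cap) {
        memcpy(dst, src, cap - 1);
        dst[cap - 1] = '\0';
        return 1;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

/* Safe echo: the format string is a constant and the input is only an
 * argument to %s, so conversion specifiers in the input stay plain text.
 * Returns the number of characters the full output needs (snprintf semantics). */
int echo_safe(const char *input, char *out, size_t cap)
{
    return snprintf(out, cap, "%s", input);
}

int main(void)
{
    char small[8];
    char out[64];

    /* Constructed inputs: an over-long line and a format-specifier probe. */
    int truncated = read_bounded("AAAAAAAAAAAAAAAAAAAAAAAA", small, sizeof small);
    printf("truncated=%d stored=\"%s\"\n", truncated, small);

    echo_safe("%p.%p.%n", out, sizeof out);
    printf("echoed literally: %s\n", out);
    return 0;
}
```

Building with `-Wformat -Wformat-security` makes the compiler flag a `printf` call whose format argument is not a string literal.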