Integrated Security

These challenges build on everything you have learned so far; you're almost there!

There is little or nothing new to learn here; you need to combine concepts you have already learned.

  • Some of these challenges took me close to a week to complete; you will eventually get it!

Some tips for secure chat

  • Read the server code; it changes very little across 1-5 and it will help you a lot. (When I say read, I mean understand each and every line.)

Binary Exploitation

When exploiting these challenges, I highly recommend using gdb to save you some time.

In pwntools, debugging from an SSH session only works with a terminal multiplexer like tmux (covered in the Linux module): gdb.debug and gdb.attach need a second terminal to open gdb in.

There are two ways to get the target under a debugger, and the difference between them is important.

Start the process with the debugger. This drops privileges: when an unprivileged user execs a setuid binary under ptrace, the kernel ignores the setuid bit, so the process runs with your own uid. You can step through the logic, but not with the privileges the setuid bit would normally grant.

from pwn import *
p = gdb.debug("process")

Start the process and then attach a debugger. This will not work if it's a setuid binary: the process runs with a different effective uid than yours, so the kernel refuses the ptrace attach (gdb reports "ptrace: Operation not permitted").

from pwn import *
p = process("process")
gdb.attach(p)

Debugging shellcode

If your shellcode doesn't work for some reason, add an int3 instruction (the single byte \xcc) at the very beginning of it. When run under a debugger the process will automatically break at that point, so you can single-step from the first instruction of your shellcode and see where it goes wrong. Remove it again for the real run: without a debugger attached, int3 raises SIGTRAP and kills the process.
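As an added example (not code from the original guide), here is a small pwntools script that puts the two points above together: it checks the setuid bit of the target to decide whether to start it with gdb.debug() or to start it with process() and then gdb.attach(), and it prepends int3 to shellcode so gdb stops on its first byte. The target path /challenge/babypwn, the default gdbscript and sending the raw shellcode on stdin are placeholders for a real challenge; it assumes pwntools and tmux are installed.

```python
import os
import stat


def is_setuid(path):
    """True if `path` carries the setuid bit.

    Two consequences for debugging such a binary as an unprivileged user:
    ptrace-attaching to it after it has started is refused, and if it is
    started under ptrace (gdb.debug uses gdbserver) the kernel ignores the
    setuid bit, so the process runs with your own uid.
    """
    return bool(os.stat(path).st_mode & stat.S_ISUID)


def with_breakpoint(shellcode):
    """Prefix shellcode with int3 (0xCC) so gdb stops at its first byte.

    Take the prefix off again for the real run: with no debugger attached,
    int3 raises SIGTRAP and the process dies.
    """
    return b"\xcc" + bytes(shellcode)


def start_target(path, gdbscript="break main\ncontinue\n"):
    """Start `path` under gdb, choosing the mode that can actually work.

    pwntools is imported lazily so the helpers above stay usable without it.
    """
    from pwn import context, gdb, process

    # pwntools opens gdb in a new pane, hence the need for a multiplexer.
    context.terminal = ["tmux", "splitw", "-h"]

    if is_setuid(path):
        # process() + gdb.attach() would fail with "Operation not permitted";
        # gdb.debug() works, but the target runs without its elevated privileges.
        return gdb.debug([path], gdbscript=gdbscript)

    p = process([path])
    gdb.attach(p, gdbscript=gdbscript)  # attach to the already-running process
    return p


if __name__ == "__main__":
    from pwn import asm, context, shellcraft

    context.arch = "amd64"
    target = "/challenge/babypwn"  # hypothetical path: replace with the challenge binary
    p = start_target(target)
    sc = with_breakpoint(asm(shellcraft.sh()))  # gdb stops on the 0xcc byte
    p.send(sc)  # assumes the challenge reads shellcode from stdin
    p.interactive()
```

The setuid check is the part worth keeping around: it tells you up front whether attaching can work at all, and when it cannot, it reminds you that what you are debugging under gdb.debug() is the same code but without the privilege the real run has.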

Reverse Engineering

Now would be a great time to learn to use Ghidra, IDA, radare2 or Binary Ninja. Python scripting will also come in really handy.

  • Do not waste your time trying to read nested arrays or structs in Ghidra's decompiler (pseudo-code) output (you're welcome to try); it is much better to read the disassembly.
  • Some disassemblers decompile things better than others; for example, I have seen IDA automatically find main in stripped binaries, unlike Ghidra.
  • If static analysis gets too hard, just give the program input and see what goes wrong! You can even run it under gdb and set breakpoints to watch it happen.

There will be some challenges with a massive spike in difficulty; don't give up, you'll eventually get it.

Access Control

Do you really want a guide for this? :(

You might want to script the last 2 levels using pwntools (there's a community dojo for that).

Cryptography

After scouring the internet for many hours, I have come to the conclusion that the material provided in the module is sufficient.

Here's a video on how to approach the POA challenges, from the discord server: here
