App - System

Sunday 10 January 2021, 16:46  #1
App - System - ELF x86 - Bug Hunting - Several issues
aliverix
  • 2 posts

Hello everyone,

I have a question regarding the challenge called "ELF x86 - Bug Hunting - Several issues". I was able to find a bug that allows me to trigger the signal handler; however, after that, I am struggling a lot to complete the exploitation. In particular, it seems that there is a LOT of manual work necessary to be able to jump around in the binary 16 bytes by 16 bytes, triggering a signal each time.

I was wondering, since the title says "Several Issues" and I have found only one bug, am I missing something that would simplify the exploitation? If not, is the huge amount of manual work to jump 16 bytes at a time really necessary? Am I simply missing a tool that would find the "signal gadgets" automatically? Am I supposed to write one?

Any kind of general suggestion is welcome.

Sunday 10 January 2021, 17:18  #2
App - System - ELF x86 - Bug Hunting - Several issues
sbrk
  • 7 posts

There’s not a single way to exploit this binary. "Several issues" is a hint, so if you found only one of them, you’re probably not walking the easiest path.

Monday 11 January 2021, 00:03  #3
App - System - ELF x86 - Bug Hunting - Several issues
aliverix
  • 2 posts

Ok, I was thrown off by the description I guess. It says: "Audit this binary source code to find *a* flaw", so after finding the first bug, the one that allows triggering the signal handler for SIGFPE, I stopped looking for others. I thought the only way to construct an exploit was to find gadgets that ended in signals. I’ll try looking for other bugs then.

Sunday 8 October 2023, 06:08  #4
App - System - ELF x86 - Bug Hunting - Several issues
shellmage
  • 1 post

Hey, so I’m currently stuck at this same step. Any hint on what direction I should be looking in?