House-of-loop Hi everyone, this is the writeup for the challenge House-of-loop in the AceBear Security Contest 2019 You may want to checkout the exploit code Description We are given a stripped ELF x64 binary which can be interacted with, our task is to get remote code execution(RCE).

By judging the program’s interface, we know that it was a heap challenge. Spent quite a lot of time reversing it, I figured it out that it malloc a few bytes for the person struct on the heap, then the name will be malloc with the size entered and that address will be put in the person struct.