I am running this verybad service to see how can people attack this and extract information.
http://verybad.kushaldas.in:8000/
Give it a go and let me know what all can you find :)
Happy hacking!!
@kushal Are we supposed to disable ASLR, etc?
What all should we find?
@kushal It's probably possible to override some of that by memory manipulation - but I have no clue how to do any of that.
@kushal Well, I gave up :/
Basically all of /proc is readable. With that I could see what all things are actually available.
ld-linux-x86-64.so.2 can probably run files even without executable bit? But rocket limits Vec<u8> to 8 KiB and so I couldn't post anything useful in.