Description

For this challenge, ASLR has been enabled. You will have to find another bug to get you a kernel32.dll leak. Use the leak to calculate the base address of kernel32.dll and calculate the actual address to WinExec. The rest is up to you!

Files

Click here to download the files for this challenge.

Video walkthrough

Click here to see the video walkthrough for this challenge.