The program uses the gets() function to read input, which does not check for buffer limits, allowing more than 32 characters to be written into the local_28 array.
The goal is to call the system() function to obtain a shell or flag, likely by finding the ret2win function in Ghidra . CTFtime.org / RaRCTF 2021 / ret2winRaRs / Writeup gHuFWSMEPinochsn22Lmdtue2.rar
Based on the search result, this appears to be a (walkthrough) for a Capture The Flag (CTF) security challenge named "ret2winRaRs" from RaRCTF 2021 . Key Takeaways from the Write-up: Challenge Type: Buffer Overflow ( ret2win ). The program uses the gets() function to read
A classic stack-based buffer overflow to overwrite return addresses. gHuFWSMEPinochsn22Lmdtue2.rar