babyfengshui

This was a pwnable worth 150 pts that I wrote for the 33C3CTF organised by Eat, Sleep, Pwn, Repeat.

All scripts used to deploy the challenge are included, so you can just execute

make clean && make all
./build_docker.sh && ./run_docker.sh

and try out the exploit by running

python exploit.py local

Vulnerability (Spoilers)

The vulnerability in the binary is a custom overflow check which makes the wrong assumption that two subsequent allocations on the heap will be placed next to each other.
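
The bug class described above, shown as a flawed check beside a hardened one. This is an added example, not the challenge's source code: the `record` layout, the `model_heap` struct standing in for a non-adjacent heap, and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record layout (an assumption, not the challenge's source). */
struct record {
    char  *desc;      /* separately allocated text buffer */
    size_t desc_cap;  /* capacity recorded at allocation time */
    char   name[32];
};

/* Constructed model of a heap where another chunk ended up between the
 * description buffer and the record that owns it. */
struct model_heap { char desc[16]; char other[96]; struct record rec; };
static struct model_heap heap;

struct record *setup_nonadjacent(void) {
    heap.rec.desc = heap.desc;
    heap.rec.desc_cap = sizeof heap.desc;
    return &heap.rec;
}

/* Flawed: uses the record's own address as the end of desc, which is only
 * true if the allocator placed the two chunks next to each other. */
int write_ok_flawed(const struct record *r, size_t len) {
    return (uintptr_t)r->desc + len < (uintptr_t)r;
}

/* Hardened: bounds the write by the size that was actually allocated. */
int write_ok_fixed(const struct record *r, size_t len) {
    return len <= r->desc_cap;
}

/* Copy that refuses anything larger than the buffer; returns 0 on success. */
int set_desc(struct record *r, const char *src, size_t len) {
    if (!write_ok_fixed(r, len)) return -1;
    memcpy(r->desc, src, len);
    return 0;
}

int main(void) {
    struct record *r = setup_nonadjacent();
    size_t len = 64;  /* larger than the 16-byte buffer */
    printf("flawed check accepts %zu bytes: %d\n", len, write_ok_flawed(r, len));
    printf("fixed check accepts %zu bytes:  %d\n", len, write_ok_fixed(r, len));
    return 0;
}
```

Storing the capacity with the pointer makes the check independent of where the allocator happens to place either chunk.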