So you want to be a pwn-er huh? Well let’s throw you an easy one ;)
nc pwn.chal.csaw.io 8000
As the description said, this is a very straightforward question. Even without reversing the binary, it prints the address of the target function
system("cat flag.txt"); for us. Just buffer overflow the return address and jump to that funtion to get the flag.
from pwn import *