Phoenix Arm Stack Zero
I realize writing up every Protostar/Phoenix exercise has been done a million times over, but this is for my own notes and to track my progress.
Stack Zero is a classic buffer overflow. With the source code handy, we can see there is a buffer of 64 characters and the method gets is used:
Once locals.changeme is set to anything other than 1, we get a success. This is easy to accomplish via printing 65 A’s and providing them as input:
And we get a success:
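To make the mechanics concrete, here is an added example (not the exercise's source and not code from the original post) that models the overflow described above and the bounded read that prevents it. The struct layout is an assumption based on the 64-character buffer and locals.changeme mentioned above; the function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout, modeled on the description above: a 64-byte buffer
   directly followed by the changeme flag. */
struct locals {
    char buffer[64];
    int changeme;
};

/* Models what an unbounded read such as gets() does: it writes len input
   bytes starting at buffer with no regard for buffer's size. The copy is
   clamped to the whole struct so the demo itself stays well-defined. */
static int unbounded_read(const char *input, size_t len) {
    struct locals l;
    memset(&l, 0, sizeof l);
    if (len > sizeof l) len = sizeof l;
    memcpy(&l, input, len);
    return l.changeme;
}

/* Hardened form: never write more than sizeof buffer - 1 bytes, then
   terminate, which is the guarantee fgets(buf, sizeof buf, stdin) gives. */
static int bounded_read(const char *input, size_t len) {
    struct locals l;
    memset(&l, 0, sizeof l);
    if (len > sizeof l.buffer - 1) len = sizeof l.buffer - 1;
    memcpy(l.buffer, input, len);
    l.buffer[len] = '\0';
    return l.changeme;
}

/* Feeds n 'A' bytes (constructed input) to either reader; returns changeme. */
static int feed_As(size_t n, int bounded) {
    char input[128];
    if (n > sizeof input) n = sizeof input;
    memset(input, 'A', n);
    return bounded ? bounded_read(input, n) : unbounded_read(input, n);
}

int main(void) {
    printf("offset of changeme: %zu\n", offsetof(struct locals, changeme));
    printf("64 bytes, unbounded: changeme = 0x%x\n", feed_As(64, 0));
    printf("65 bytes, unbounded: changeme = 0x%x\n", feed_As(65, 0));
    printf("65 bytes, bounded:   changeme = 0x%x\n", feed_As(65, 1));
    return 0;
}
```

Sixty-four bytes fill the buffer exactly and leave the flag untouched; the 65th byte is the first one to land in changeme, and the bounded read never reaches it regardless of input length.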
@andr01d@defcon.social