The Skills Learned presentation for the Cyber Apocalypse 2024 — Rocket Blaster XXX provides an overview of the skills that can be gained by completing the challenge.
It covers buffer overflow, ret2win, and ROP (Return-Oriented Programming) techniques used in the solution.
The buffer overflow vulnerability is exploited by overfilling a buffer and exploiting the subsequent stack overflow to execute arbitrary code.
Ret2win technique involves bypassing the stack cookie protection using a rop chain to safely execute the ret instruction at an address of our choice, manipulating the program counter to reach our desired destination.
ROP (Return-Oriented Programming) utilizes existing code chunks or “gadgets” in the program to construct a chain of reliable operations to achieve the desired goal, in this case, calling the fill_ammo function with specific arguments.