00000000 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 |.ELF............| 00000010 03 00 3e 00 01 00 00 00 60 10 40 00 00 00 00 00 |..>.....`.@.....| 00000020 40 00 00 00 00 00 00 00 48 30 00 00 00 00 00 00 |@.......H0......| 00000030 00 00 00 00 40 00 38 00 09 00 40 00 1a 00 19 00 |....@.8...@.....| 00000040 06 00 00 00 04 00 00 00 40 00 00 00 00 00 00 00 |........@.......| 00000050 40 00 40 00 00 00 00 00 40 00 40 00 00 00 00 00 |@.@.....@.@.....| 00000060 f8 01 00 00 00 00 00 00 f8 01 00 00 00 00 00 00 |................| 00000070 08 00 00 00 00 00 00 00 03 00 00 00 04 00 00 00 |................| 00000080 38 02 00 00 00 00 00 00 38 02 40 00 00 00 00 00 |8.......8.@.....| 00000090 38 02 40 00 00 00 00 00 1c 00 00 00 00 00 00 00 |8.@.............| 000000a0 1c 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| 000000b0 01 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 |................| 000000c0 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 |..@.......@.....| 000000d0 e4 08 00 00 00 00 00 00 e4 08 00 00 00 00 00 00 |................| 000000e0 00 10 00 00 00 00 00 00 01 00 00 00 06 00 00 00 |................| 000000f0 e8 0d 00 00 00 00 00 00 e8 0d 60 00 00 00 00 00 |........`.@.....| 00000100 e8 0d 60 00 00 00 00 00 48 02 00 00 00 00 00 00 |..`.....H.......| 00000110 50 02 00 00 00 00 00 00 00 10 00 00 00 00 00 00 |P...............| 00000120 02 00 00 00 06 00 00 00 08 0e 00 00 00 00 00 00 |................| 00000130 08 0e 60 00 00 00 00 00 08 0e 60 00 00 00 00 00 |..`.......`.....| 00000140 f0 01 00 00 00 00 00 00 f0 01 00 00 00 00 00 00 |................| 00000150 08 00 00 00 00 00 00 00 04 00 00 00 04 00 00 00 |................| 00000160 54 02 00 00 00 00 00 00 54 02 40 00 00 00 00 00 |T.......T.@.....| 00000170 54 02 40 00 00 00 00 00 44 00 00 00 00 00 00 00 |T.@.....D.......| 00000180 44 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |D...............| 00000190 51 e5 74 64 06 00 00 00 00 00 00 00 00 00 00 00 |Q.td............| 000001a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000001b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000001c0 08 00 00 00 00 00 00 00 52 e5 74 64 04 00 00 00 |........R.td....| 000001d0 e8 0d 00 00 00 00 00 00 e8 0d 60 00 00 00 00 00 |........`.@.....|

0xKAAAMMUUI

Firewall3 🔥📤🧱

Writeup from Intercepting Communication

🧠 Task Description

Challenge Name: Firewall3
Platform: pwn.college
Goal: From your host at 10.0.0.1, connect to the remote host at 10.0.0.2 on port 31337.
However, outbound traffic to port 31337 is currently blocked by a firewall rule.

🔍 Reconnaissance

Inspect the challenge logic from /challenge/run:

root@ip-10-0-0-1:~# cat /challenge/run

A drop_packets(31337) function uses iptables to block outgoing TCP traffic to port 31337:
```
iptables -A OUTPUT -p tcp --dport 31337 -j DROP
```
The server (10.0.0.2) listens on port 31337 and sends the flag if it receives a connection.
You are required to remove the outbound firewall rule and then connect.

Exploitation: Unblock Outbound Port 31337

Step 1: Flush the OUTPUT chain to remove the blocking rule

iptables -F OUTPUT

Step 2: Connect to the server

nc 10.0.0.2 31337

Successful output:

pwn.college{U9e7ao4glbM9Yew3MCVWPwDf7KC.0FM1AjNxwSM0IzMyEzW}

Flag

pwn.college{U9e7ao4glbM9Yew3MCVWPwDf7KC.0FM1AjNxwSM0IzMyEzW}