As it turns out, I had a hard time going getting the knack to finish these challenges after a needed vacation time. Turns out, the time I don't allocate to my job is now filled with practical hands-on (as in: physically pouring concrete, not as in downloading sample material from a vendor website) because the rain season just started.
On the challenges, I'm facing a bug where I'm able to write 3/4 bytes with
%hhn correctly but the first one always is 4 away of the expected value, I
tried a bunch of different approaches, sorting the writes by value to avoid
overflowing over 0xff, and it's not that exciting. I've got enough problems
to solve elsewhere.
Hopefully, when I will come back here to finish these challenges (seriously, all these "house of" exploit classes, the qualys .txt files, and other fancy exploits are really interesting reads.) I'll find my exploit code in a readable commented state ?
See you in a bit !