BSidesSF 2026: read(write(call))me - progressive pwn challenges

This is a write-up for three “pwn” challenges - readwritecallme, readwriteme, readme. They’re all pretty straight forward, and designed to teach a specific exploit type: how to exploit an arbitrary memory write. All three challenges let you read arbitrary memory, and the first two additionally let you write to arbitrary memory. The final one (readme) only lets you read memory, but it has a buffer overflow that lets you take control. Technically, all three can be solved with the readme solution, but I’ll go over my intended solutions for all three, since I think it’s helpful. As always, you can find copies of the binaries, containers, and full solution in our GitHub repo!