This kernel runs on a server, not in your tab. A unique FLAG{…}
was minted for your session and injected into that instance's RAM — it is
not in this page, not in the repo, and not in any bytes you're given. The
only way to get it is to make the filesystem hand it to you over the wire.
You made the remote filesystem hand you a flag that was only ever in its RAM:
That's a real remote capture — the same length-confusion primitive as Tier 1, but the secret was never in anything you were given. Submit a writeup to get on the solvers list.
Once you've made the remote filesystem print FLAG{ziran-tier2-…},
submit it here. It's checked server-side by hash against the flag minted
for your session — the page never learns the answer, and a flag scraped from
the repo or this page won't verify.
The concept is the same length-confusion bug you already broke in Tier 1: the reader trusts a length your header supplies instead of the real buffer, and leaves file extents unconfined — so an extent that runs past your upload reads server bytes you were never given. Validating against a length the caller supplies is not validation.
Scope: this is one bug class — a classic out-of-bounds read (CWE-125), and a logical one: safe-Rust slicing keeps every read inside the buffer, so it's information disclosure past a fence, not memory corruption. One deliberately-planted path — not a hardened kernel's real attack surface. Go deeper: Project Zero · LangSec · pwn.college · the Tier-1 scope note.
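The flawed check and its fix, side by side, as an added Rust example that is not the challenge's code. The image layout, `Extent`, `ReadError`, and both function names are assumptions made for illustration, and the sample buffer is constructed.

```rust
// Hypothetical layout (an assumption, not the challenge's format): the upload
// states its own size, and each file is an extent (offset, len) into the image.
struct Extent { offset: usize, len: usize }

#[derive(Debug, PartialEq)]
enum ReadError { OutOfBounds }

// Flawed: the bound is `claimed_len`, a number the uploader wrote in the header.
// The slice comes from `backing`, which also holds bytes past the upload.
fn read_trusting_header<'a>(backing: &'a [u8], claimed_len: usize, e: &Extent)
    -> Result<&'a [u8], ReadError> {
    let end = e.offset.checked_add(e.len).ok_or(ReadError::OutOfBounds)?;
    if end > claimed_len { return Err(ReadError::OutOfBounds); }
    backing.get(e.offset..end).ok_or(ReadError::OutOfBounds)
}

// Corrected: narrow the view to the bytes actually received, then resolve
// the extent against that view only. The header's claim is never consulted.
fn read_confined<'a>(backing: &'a [u8], upload_len: usize, e: &Extent)
    -> Result<&'a [u8], ReadError> {
    let upload = backing.get(..upload_len).ok_or(ReadError::OutOfBounds)?;
    let end = e.offset.checked_add(e.len).ok_or(ReadError::OutOfBounds)?;
    upload.get(e.offset..end).ok_or(ReadError::OutOfBounds)
}

// Constructed sample: 8 uploaded bytes followed by host bytes in one buffer.
fn sample_backing() -> Vec<u8> {
    let mut b = b"UPLOAD00".to_vec();
    b.extend_from_slice(b"HOSTDATA");
    b
}

fn main() {
    let backing = sample_backing();
    let e = Extent { offset: 4, len: 8 }; // ends 4 bytes past the upload
    // The header claims 16 bytes although only 8 were uploaded.
    println!("{:?}", read_trusting_header(&backing, 16, &e));
    println!("{:?}", read_confined(&backing, 8, &e));
}
```

Both functions stay inside `backing`, so the flawed one discloses neighbouring bytes rather than corrupting memory, which matches the scope note above.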
The secret isn't in your image — the host plants it past your upload, so no
local strings/DevTools can reach it. And its offset is
per session: on a successful load the kernel prints the exact
offset where the secret sits for your instance. Read that line, then craft
an extent that reaches it. A fixed offset copied from a writeup won't land —
that's the point.
Develop and rehearse the full byte-level exploit in the free
Tier-1 sandbox (where the flag is your own, so you can
iterate), then reproduce it here against the offset this session hands you.
Drive it by hand in the terminal: load ⏎, paste your crafted base64
image, . ⏎, then cat the crafted file.