Mobile Application Security Labs 
Pictator

This challenge focuses on the Pictator app, a secure communication tool utilized by a dictator's army. It processes images using the proprietary library to securely transmit the files over the network. However, there exists a Use After Free vulnerability which leads to severe impact. Your objective is to exploit this UAF bug, achieve arbitrary function execution by sending a specially crafted image, and retrieve the hidden flag.

Outline
Pictator is designed to be a highly secure military communication tool. All data is transferred encrypted, and the app employs robust methods to ensure the integrity of the communication channel.

Objective
 Your task is to bypass these protections and retrieve the hidden flag within the app.

Skills Required

• Reverse Engineering: Proficiency in disassembling and analyzing compiled code.
• Memory Corruption & Use‑After‑Free:Understanding of UAF semantics, heap layouts, and control of freed objects.
• Debugging: Proficiency in using GDB or LLDB to inspect and manipulate program execution.