This is a comprehensive playbook for exploiting format string vulnerabilities in printf-family functions. It covers the full attack surface: leaking stack values and arbitrary memory with %p and %s, writing to arbitrary addresses with %n variants, finding your input offset on the stack, and automating exploitation with pwntools' fmtstr_payload. The techniques section walks through GOT overwrites, hook targeting, and pointer chain exploitation for indirect writes. It handles 64-bit quirks like null bytes in addresses and includes blind exploitation methodology when you don't have the binary. The skill reads like distilled CTF wisdom, with offset calculation being the critical detail most base models mess up. If you're doing binary exploitation and need to turn a format string bug into arbitrary read/write primitives, this gives you the exact patterns and tooling.
npx skills add https://github.com/yaklang/hack-skills --skill format-string-exploitation