Userspace

Utilizing Format String Vulnerability to leak the address of PIE and then a simple Ret2Win with args.