The reverse shell method requires a public IP. But my server/computer is behind a NAT. And I have no control on the NAT server. So the reverse shell method doesn't work for me. I also thought about uploading the flag to a public file server. However the shellcode size limit is 0x100 bytes. It's too small to fit the shellcode and the HTTP request on the payload. Do we have another ways to solve this beside reverse shell method?

For authors, could you upload the Dockerfile? I think I could try to restore the lost fds with it.

Edit: Does the remote server of the challege have /bin/ssh or scp installed ?