Wargame/exploit-exercises4 [exploit-exercises] fusion level02 [ fusion level02 ] 1#include "../common/common.c" 2 3#define XORSZ 32 4 5void cipher(unsigned char *blah, size_t len) 6{ 7 static int keyed; 8 static unsigned int keybuf[XORSZ]; 9 10 int blocks; 11 unsigned int *blahi, j; 12 13 if(keyed == 0) { 14 int fd; 15 fd = open("/dev/urandom", O_RDONLY); 16 if(read(fd, &keybuf, sizeof(keybuf)) != sizeof(keybuf)) exit(EXIT_FAILURE); 17 close(fd); 18 keyed .. 2014. 4. 25. [exploit-exercises] fusion level01 [ fusion level01 ] 1#include "../common/common.c" 2 3int fix_path(char *path) 4{ 5 char resolved[128]; 6 7 if(realpath(path, resolved) == NULL) return 1; // can't access path. will error trying to open 8 strcpy(path, resolved); 9} 10 11char *parse_http_request() 12{ 13 char buffer[1024]; 14 char *path; 15 char *q; 16 17 // printf("[debug] buffer is at 0x%08x :-)\n", buffer); :D 18 19 if(read(0, .. 2014. 4. 20. [exploit-exercises] fusion level00 [ fusion level00 ] 1#include "../common/common.c" 2 3int fix_path(char *path) 4{ 5 char resolved[128]; 6 7 if(realpath(path, resolved) == NULL) return 1; // can't access path. will error trying to open 8 strcpy(path, resolved); 9} 10 11char *parse_http_request() 12{ 13 char buffer[1024]; 14 char *path; 15 char *q; 16 17 printf("[debug] buffer is at 0x%08x :-)\n", buffer); 18 19 if(read(0, buffer.. 2014. 4. 18. exploit-exercises http://exploit-exercises.com/ 단계별로 아래와 같이 있다. 1. Nebula2. Protostar 3. Fusion * ssh 원격 방법 Getting rootIn case you need root access to change stuff (such as key mappings, etc), you can do the following:Log in as the "nebula" user account with the password "nebula" (both without quotes), followed by "sudo -s" with the password "nebula". You'll then have root privileges in order to change whatever .. 2013. 9. 11. 이전 1 다음