Wargame22 [exploit-exercises] fusion level00 [ fusion level00 ] 1#include "../common/common.c" 2 3int fix_path(char *path) 4{ 5 char resolved[128]; 6 7 if(realpath(path, resolved) == NULL) return 1; // can't access path. will error trying to open 8 strcpy(path, resolved); 9} 10 11char *parse_http_request() 12{ 13 char buffer[1024]; 14 char *path; 15 char *q; 16 17 printf("[debug] buffer is at 0x%08x :-)\n", buffer); 18 19 if(read(0, buffer.. 2014. 4. 18. 2014 codegate - autumata[400] http://ctfagain.kr/index.html 위 사이트에서 대회 문제 파일&환경을 제공해준다. [Binary & idb] 먼저 IDA로 첫 부분을 살펴 보면 다음과 같다. chksum[0] = 0; chksum[1] = 0; chksum[2] = 0; w_send(fd, "[=] Welcome to Automata System [=]\n\n"); w_send(fd, "[*] Enter your command: "); w_recv(fd, command); w_send(fd, "[*] Enter your code: "); w_recv(fd, code); makeChksum(command, chksum); chk3 = 0; chk2 = 0; chk1 = 0; for ( i = 0; i < ::chk1.. 2014. 4. 10. exploit-exercises http://exploit-exercises.com/ 단계별로 아래와 같이 있다. 1. Nebula2. Protostar 3. Fusion * ssh 원격 방법 Getting rootIn case you need root access to change stuff (such as key mappings, etc), you can do the following:Log in as the "nebula" user account with the password "nebula" (both without quotes), followed by "sudo -s" with the password "nebula". You'll then have root privileges in order to change whatever .. 2013. 9. 11. [LOB_FC4] cruel -> enigma enigma.c의 소스는 아래와 같다. /* The Lord of the BOF : The Fellowship of the BOF - enigma - Remote BOF on Fedora Core 4 - hint : ? - port : TCP 7777 */ #include #include #include #include int vuln(int canary,char *ptr) { char buffer[256]; int *ret; // stack overflow!! strcpy(buffer,ptr); // overflow protected if(canary != 0x31337) { printf("who broke my canary?!"); exit(1); } // preventing RTL ret = &ca.. 2012. 8. 24. 이전 1 2 3 4 5 6 다음
