piątek, 19 lipca 2019

Protostar CTF - Stack0

I decided to check one old CTF called Protostar (again;)). This time we will try to solve some 'stack challenges'. Let's start from the beginning...
We should start here (becase AFAIK an old webpage/address - is dead):


As you can see challenge is pretty easy, so we can call it a 'warmup' ;)


After gdb-peda was installed on my VM I started gdb with stack0 binary: 


Using pdisasm (from gdbpeda) you can see some colors in gdb, like below:


As you can see we have a gets function here (more about it you can read in this nice book;)) so it should be easy to understand that EAX above is the argument for our gets:


Next part should be quick&easy too (if you tried few basic crackmes in the past).So I tried to see what arguments we will have for both CALL instructions:




Cool. We will set a breakpoint now:






Unfortunately the program will not need argv[1] ;P So:



Next:


Now we are comparing EAX, checking:


Cool. Overflowed. According to the source, we need 'more than 64 chars' long string to 'modify' modified variable. Let's try:


Ok, should be good. Verifying:





Cool. Done. :]

See you next time.

If you found any mistake/bug in the code/listings above, feel free to ping me.
Feedback/hint is always appreciated.


See you next time.

Cheers



...to be continued...

Brak komentarzy:

Publikowanie komentarza