piątek, 19 lipca 2019

Protostar CTF - Stack0

I decided to check one old CTF called Protostar (again;)). This time we will try to solve some 'stack challenges'. Let's start from the beginning...
We should start here (becase AFAIK an old webpage/address - is dead):

As you can see challenge is pretty easy, so we can call it a 'warmup' ;)

After gdb-peda was installed on my VM I started gdb with stack0 binary: 

Using pdisasm (from gdbpeda) you can see some colors in gdb, like below:

As you can see we have a gets function here (more about it you can read in this nice book;)) so it should be easy to understand that EAX above is the argument for our gets:

Next part should be quick&easy too (if you tried few basic crackmes in the past).So I tried to see what arguments we will have for both CALL instructions:

Cool. We will set a breakpoint now:

Unfortunately the program will not need argv[1] ;P So:


Now we are comparing EAX, checking:

Cool. Overflowed. According to the source, we need 'more than 64 chars' long string to 'modify' modified variable. Let's try:

Ok, should be good. Verifying:

Cool. Done. :]

See you next time.

If you found any mistake/bug in the code/listings above, feel free to ping me.
Feedback/hint is always appreciated.

See you next time.


...to be continued...

Brak komentarzy:

Prześlij komentarz