poniedziałek, 14 października 2019

PicoCTF 2014 - format

Last time I tried best shell from PicoCTF 2014. Today I tried to solve the format challenge. Below you will find the details. Here we go...
We will start here:


 This pretty listing can be changed to pseudocode:

 So simply: if we can modify secret value, we will run give_shell(). Let's see what's inside:

Ok, looks good. :) Running the program:


Checking format string opportunity:


Let's switch to gdb again:

Our value was found on place #7, secret address is known.Now we will use u-modifier and hn:

Checking outside gdb:

It's done. :)
 

More cases from PicoCTF 2014 you can find here.

See you next time!

Cheers






Brak komentarzy:

Prześlij komentarz