Mommy told me to make a passcode based login system.My initial C code was compiled without any error!Well, there was some compiler warning, but who cares about that?ssh passcode@pwnable.kr -p2222 (pw:guest)Bug/* passcode.c */void login(){ int passcode1; int passcode2; printf("enter passcode1 : "); scanf("%d", passcode1); fflush(stdin); // ha! mommy told me that 32bit is vulnera..
Papa brought me a packed present! let's open it.Download : http://pwnable.kr/bin/flagThis is reversing task. all you need is binary바이너리에 포함된 문자열을 확인해 보면 UPX로 패킹된 바이너리임을 알 수 있다.wget https://github.com/upx/upx/releases/download/v4.2.4/upx-4.2.4-amd64_linux.tar.xzlstar -xvf upx-4.2.4-amd64_linux.tar.xzrm upx-4.2.4-amd64_linux.tar.xzls upx-4.2.4-amd64_linuxupx-4.2.4-amd64_linux/upx -d flag패킹이 해제된 바이..
Nana told me that buffer overflow is one of the most common software vulnerability.Is that true?Download : http://pwnable.kr/bin/bofDownload : http://pwnable.kr/bin/bof.cRunning at : nc pwnable.kr 9000Analysis/* bof.c */#include #include #include void func(int key){ char overflowme[32]; printf("overflow me : "); gets(overflowme); // smash me! if(key == 0xcafebabe){ system("..
Daddy told me about cool MD5 hash collision today.I wanna do something like that too!ssh col@pwnable.kr -p2222 (pw:guest)Analysis/* col.c */#include #include unsigned long hashcode = 0x21DD09EC;unsigned long check_password(const char* p){ int* ip = (int*)p; int i; int res=0; for(i=0; icheck_password()는 p에 저장된 문자열을 앞에서부터 4바이트씩 잘라서 5개의 정수를 만들고 모두 더한 결과를 반환한다.check_passw..
Mommy! what is a file descriptor in Linux?try to play the wargame your self but if you are ABSOLUTE beginner, follow this tutorial link:https://youtu.be/971eZhMHQQwssh fd@pwnable.kr -p2222 (pw:guest)Analysis/* fd.c */#include #include #include char buf[32];int main(int argc, char* argv[], char* envp[]){ if(argcfd는 argv[1]의 값을 조절하여 임의의 값으로 설정할 수 있다. fd가 0인 경우 stdin으로 buf에 최대 32바이트까지 입력할 수 ..
'Wargame/pwnable.kr' 카테고리의 글 목록 (5 Page)