Write up (Wargame)
[Lord Of Bufferoverflow] 10. vampire -> skeleton 풀이
login : vampire password : music world 탐색전 cat skeleton.c /* The Lord of the BOF : The Fellowship of the BOF - skeleton - argv hunter */ #include #include extern char **environ; main(int argc, char *argv[]) { char buffer[40]; int i, saved_argc; if(argc < 2){ printf("argv error\n"); exit(0); } // egghunter for(i=0; environ[i]; i++) memset(environ[i], 0, strlen(environ[i])); if(argv[1][47] != '\xb..
[Lord Of Bufferoverflow] 9. troll -> vampire 풀이
login : troll password : aspirin 탐색전 두근두근 cat vampire.c /* The Lord of the BOF : The Fellowship of the BOF - vampire - check 0xbfff */ #include #include main(int argc, char *argv[]) { char buffer[40]; if(argc < 2){ printf("argv error\n"); exit(0); } if(argv[1][47] != '\xbf') { printf("stack is still your friend.\n"); exit(0); } // here is changed! if(argv[1][46] == '\xff') { printf("but it's not..
[Lord Of Bufferoverflow] 8. orge -> troll 풀이
login : orge password : timewalker 다시 보니까 여기선 하십시오체를 쓰는데 그냥 컨디션에 따라 달라지는거 같네요 ㅇㅅㅇ... 탐색전 cat을 할 때마다 너무 두근두근.. 어떤 코드가 있을까요. /* The Lord of the BOF : The Fellowship of the BOF - troll - check argc + argv hunter */ #include #include extern char **environ; main(int argc, char *argv[]) { char buffer[40]; int i; // here is changed if(argc != 2){ printf("argc must be two!\n"); exit(0); } // egghunter f..
[Lord Of Bufferoverflow] 7. darkelf -> orge 풀이
login : darkelf password : kernel crashed 탐색전 cat orge.c /* The Lord of the BOF : The Fellowship of the BOF - orge - check argv[0] */ #include #include extern char **environ; main(int argc, char *argv[]) { char buffer[40]; int i; if(argc < 2){ printf("argv error\n"); exit(0); } // here is changed! if(strlen(argv[0]) != 77){ printf("argv[0] error\n"); exit(0); } // egghunter for(i=0; environ[i]; ..
[Lord Of Bufferoverflow] 6. wolfman -> darkelf 풀이
login : wolfman password : love eyuna 탐색전 /* The Lord of the BOF : The Fellowship of the BOF - darkelf - egghunter + buffer hunter + check length of argv[1] */ #include #include extern char **environ; main(int argc, char *argv[]) { char buffer[40]; int i; if(argc < 2){ printf("argv error\n"); exit(0); } // egghunter for(i=0; environ[i]; i++) memset(environ[i], 0, strlen(environ[i])); if(argv[1][..
[Lord Of Bufferoverflow] 5. orc -> wolfman 풀이
login : orc password : cantata 탐색전 cat wolfman.c /* The Lord of the BOF : The Fellowship of the BOF - wolfman - egghunter + buffer hunter */ #include #include extern char **environ; main(int argc, char *argv[]) { char buffer[40]; int i; if(argc < 2){ printf("argv error\n"); exit(0); } // egghunter for(i=0; environ[i]; i++) memset(environ[i], 0, strlen(environ[i])); if(argv[1][47] != '\xbf') { pr..
