Tuesday, January 31, 2017

[Hacker School] FTZ Level9 ( Ver. Eng )






Level9

Use the level9 password “apple” to access the level9 account, and check the hint.



In this bof program, when the string ‘go’ is entered in the first 2 bytes of the buf2 array, a shell is executed with the permissions of level10. To solve the problem, we created a program in the tmp directory that is identical to the source of bof, and we figured out the stack structure.



The total size of the stack is 40 bytes. Next, I tried adding the following code to see the distance between buf and buf2.


The distance between buf and buf2 is 0x10 (16 bytes). Based on this, the stack can be represented as:


When I create a payload based on the stack structure, it is likely that a level10 shell will be executed if I first fill in 16 bytes of characters, then fill the next 2 bytes with the ‘go’ string.


When I type the payload, I can see the password of the level10 account.
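
The overflow described above, modelled as an added example (this is not the level's bof source): a 40-byte array stands in for the stack frame, with buf2 at offset 0x10 from buf. The 10-byte capacity of buf and all function names are assumptions. It compares a read bounded only by the frame size with one bounded by buf's own capacity.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of the frame described in the post: 40 bytes in total,
   with buf2 starting 0x10 bytes after buf. */
#define FRAME_SIZE 40
#define BUF_OFF    0
#define BUF2_OFF   0x10
#define BUF_CAP    10   /* assumption: declared size of buf, not stated in the post */

/* Unsafe: the copy is limited by the frame size, not by buf's capacity,
   so long input runs past buf and into buf2. */
static void read_unbounded(unsigned char *frame, const char *in) {
    size_t n = strlen(in);
    if (n > FRAME_SIZE - 1) n = FRAME_SIZE - 1;
    memcpy(frame + BUF_OFF, in, n);
    frame[BUF_OFF + n] = '\0';
}

/* Hardened: the copy is limited by buf's own capacity. */
static void read_bounded(unsigned char *frame, const char *in) {
    size_t n = strlen(in);
    if (n > BUF_CAP - 1) n = BUF_CAP - 1;
    memcpy(frame + BUF_OFF, in, n);
    frame[BUF_OFF + n] = '\0';
}

/* The check the post describes: do the first 2 bytes of buf2 read "go"? */
static int buf2_is_go(const unsigned char *frame) {
    return memcmp(frame + BUF2_OFF, "go", 2) == 0;
}

/* Runs one reader over a fresh zeroed frame; returns 1 if the check passes. */
static int check_after(void (*reader)(unsigned char *, const char *), const char *in) {
    unsigned char frame[FRAME_SIZE];
    memset(frame, 0, sizeof frame);
    reader(frame, in);
    return buf2_is_go(frame);
}

int main(void) {
    const char *input = "AAAAAAAAAAAAAAAAgo";  /* constructed: 16 filler bytes, then "go" */
    printf("unbounded read: check %s\n", check_after(read_unbounded, input) ? "passes" : "fails");
    printf("bounded read:   check %s\n", check_after(read_bounded, input) ? "passes" : "fails");
    return 0;
}
```

With the bounded read the same input is truncated inside buf, so buf2 is never touched and the check fails.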