Level15
After accessing level15 account, check the hint as follows.
Up to the previous level bof a little different from problems, is declared as a variable check is that a variable declared as a pointer.
Pointer variables are variables with the value of that memory address.
In other words, check is recognized the address of the memory within variables.
In the code, if I put 0xdeadbeef into the address of memory that pointed to by check pointer variable, the level16 shell is executed.
To know the relationship between the three variables, I executed the program adding a line of code.
In addition, I analyze it with gdb to understand the stack structure.
I know that the size of the memory space is 0x38 ( 56 byte).
Also, I know that this program put the value of ebp-16 to eax, and the value of eax compare with 0xdeadbeef.Based on the above, the structure of the stack is shown as follows.
Since the program compare 0xdeadbeef with the value of eax, I look for the location where 0xdeadbeef is included in the program.
I know that 0xdeadbeef in 0x080484b2. So, When I put a dummy value as 40byte and put the 0x080484b2, The check pointer variable contain 0xdeadbeef.
as a result, I confirm the password of level16.
No comments:
Post a Comment