pwnable.kr:cmd2

Posted on 2017, Jul31, Monday 00:32:48 • Tagged with pwnable.kr

题目

Daddy bought me a system command shell.
but he put some filters to prevent me from playing with it without his permission…
but I wanna play anytime I want …


Continue reading

pwnable.kr:cmd1

Posted on 2017, Jul30, Sunday 23:38:58 • Tagged with pwnable.kr

题目

Mommy! what is PATH environment in Linux?

ssh cmd1@pwnable.kr -p2222 (pw:guest)

1. 分析

看了源码,大意是允许执行一条命令,但是过滤了sh, tmp, flag

所以只需要绕过它并且输出flag内容即可

2. 题解

./cmd1 "/bin/cat f*"

所以我现在都不知道这题和PATH有什么关系 …


Continue reading

pwnable.kr:lotto

Posted on 2017, Jul30, Sunday 23:24:04 • Tagged with pwnable.kr

题目

Mommy! I made a lotto program for my homework.
do you want to play?

ssh lotto@pwnable.kr -p2222 (pw:guest)

1. 分析

验证部分代码如下

int match = 0, j = 0 …

Continue reading

pwnable.kr:coin1

Posted on 2017, Jul30, Sunday 22:20:47 • Tagged with pwnable.kr

题目

Mommy, I wanna play a game!
(if your network response time is too slow, try nc 0 9007 inside pwnable.kr server)

Running at : nc pwnable.kr 9007

1 …


Continue reading

pwnable.kr:shellshock

Posted on 2017, Jul30, Sunday 20:42:09 • Tagged with pwnable.kr

题目

Mommy, there was a shocking news about bash.
I bet you already know, but lets just make it sure :)

ssh shellshock@pwnable.kr -p2222 (pw:guest)

分析

由题目名称shellshock可以猜测这题是个利用shellshock的题目

下面是shellshock的介绍 …


Continue reading

pwnable.kr:mistake

Posted on 2017, Jul29, Saturday 23:22:13 • Tagged with pwnable.kr

题目

We all make mistakes, let’s move on.
(don’t take this too seriously, no fancy hacking skill is required at all)

This task is based on real event …


Continue reading

pwnable.kr:input

Posted on 2017, Jul28, Friday 17:31:43 • Tagged with pwnable.kr

题目

Mom? how can I pass my input to a computer program?

ssh input2@pwnable.kr -p2222 (pw:guest)

1. 分析

查看input.c后发现,题目看起来好像很简单,只要通过五个验证就好

2.题解

这个题如果使用pwntools来解决是十分方便的,不过借这题的机会,顺便介绍掉小姿势吧 …


Continue reading