2008/07/07

[Wargame]ccu Basic 6~9

Basic 6
Given:
  1. A file but where?
  2. DES code
Thinking:
  1. scanning port by nmap
  2. get master.passwd
  3. crack the password by John the ripper

Basic 7
Given:
  1. The password is inside the binary program
Thinking:
  1. How to get the strings inside the program (strings)


Basic 8
Given:
  1. A program with setuid and the source code
Thinking:
  1. 可以在source code內找到它運用了getuid這個function,而此function是由某個library提供的。
  2. 是否可以用某些方式讓該程式不要去讀取原本的library,而去讀取我們自己的library
  3. LD_PRELOAD ??


Basic 9
Given:
  1. A program with buffer overflow vulnerability
Thinking:
  1. 有一變數在複製資料進去時,並沒有做bound checking,也因此我們可利用寫超過的資料去覆蓋程式中其他變數的值

No comments: