BuYS: Make yourself win!!!

**sebas_phoenix** · 03-29-2011, 10:55 PM

Alright.. this one is a bit tough coz i am gonna imply some rules on how to solve this ...

Take the program:

#include<stdio.h>
main(int argc, char **argv)
{
int flag;
char buffer[80];
strcpy(buffer,argv[1]);
if(flag==0x41414141)
printf("you lose\n");
}

The point is to make this program print "you win" .. An obvious solution is to overwrite the ret address with the address of your code that prints "you win" . I dont want that.. Infact doing by *the new* way is much more simpler.. You can even try your own methods but i dont want the above solution ...

So think different ..try hard..

**b0nd** · 03-30-2011, 07:41 AM

sebas_phoenix, before starting new question it's expected to close the last one. You have already received couple of replies for your last question, so please post the replies for that question in that thread.
http://www.garage4hackers.com/showth...ding-functions

**sebas_phoenix** · 03-30-2011, 11:12 PM

Originally Posted by b0nd

sebas_phoenix, before starting new question it's expected to close the last one. You have already received couple of replies for your last question, so please post the replies for that question in that thread.
http://www.garage4hackers.com/showth...ding-functions

Sorry b0nd..didnt know about it.. thought i could extend it a bit..

**Aodrulez** · 03-31-2011, 02:34 PM

hey, can you be a bit more specific,regarding *the new* way?

**sebas_phoenix** · 04-01-2011, 01:26 AM

Originally Posted by Aodrulez

hey, can you be a bit more specific,regarding *the new* way?

Think non-executable stack.. if u are able to defeat it..
try getting a root shell (uid=0,gid=0) coz using this particular technique drops privileges before giving a shell.. and i wont be online for some days..sem exams

so you need to wait a lil bit for my reply to ur pm's

Thread: BuYS: Make yourself win!!!

LinkBack

Thread Tools

Search Thread

Display