pwnable.kr [mistake]

最新推荐文章于 2022-09-12 16:09:12 发布

shisuan1

最新推荐文章于 2022-09-12 16:09:12 发布

阅读量161

点赞数

分类专栏：个人知识管理

本文链接：https://blog.csdn.net/shisuan1/article/details/84841036

版权

个人知识管理专栏收录该内容

20 篇文章 0 订阅

订阅专栏

pwnable.kr [mistake]

We all make mistakes, let’s move on.
(don’t take this too seriously, no fancy hacking skill is required at all)
This task is based on real event
Thanks to dhmonkey
hint : operator priority
ssh mistake@pwnable.kr -p2222 (pw:guest)

看代码

#include <stdio.h>
#include <fcntl.h>

#define PW_LEN 10
#define XORKEY 1

void xor(char* s, int len){
        int i;
        for(i=0; i<len; i++){
                s[i] ^= XORKEY;
        }
}

int main(int argc, char* argv[]){

        int fd;
        if(fd=open("/home/mistake/password",O_RDONLY,0400) < 0){
                printf("can't open password %d\n", fd);
                return 0;
        }

        printf("do not bruteforce...\n");
        sleep(time(0)%20);

        char pw_buf[PW_LEN+1];
        int len;
        if(!(len=read(fd,pw_buf,PW_LEN) > 0)){
                printf("read error\n");
                close(fd);
                return 0;
        }

        char pw_buf2[PW_LEN+1];
        printf("input password : ");
        scanf("%10s", pw_buf2);

        // xor your input
        xor(pw_buf2, 10);

        if(!strncmp(pw_buf, pw_buf2, PW_LEN)){
                printf("Password OK\n");
                system("/bin/cat flag\n");
        }
        else{
                printf("Wrong Password\n");
        }

        close(fd);
        return 0;
}

看这句话fd=open("/home/mistake/password",O_RDONLY,0400) < 0,fd其实等于0的。
因为运算优先级。
然后输入两个10位数，一个等于另外一个与1的异或运算即可。
比如0000000000，1111111111

shisuan1

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
pwnable.kr [mistake]

pwnable.kr [mistake]We all make mistakes, let’s move on.(don’t take this too seriously, no fancy hacking skill is required at all)This task is based on real eventThanks to dhmonkeyhint : operato...
复制链接

扫一扫