pwnable.kr [mistake]

编程入门行业动态更新时间:2024-10-15 16:17:10

pwnable.kr [mistake]

We all make mistakes, let’s move on.
(don’t take this too seriously, no fancy hacking skill is required at all)
This task is based on real event
Thanks to dhmonkey
hint : operator priority
ssh mistake@pwnable.kr -p2222 (pw:guest)

看代码

#include <stdio.h>
#include <fcntl.h>#define PW_LEN 10
#define XORKEY 1void xor(char* s, int len){int i;for(i=0; i<len; i++){s[i] ^= XORKEY;}
}int main(int argc, char* argv[]){int fd;if(fd=open("/home/mistake/password",O_RDONLY,0400) < 0){printf("can't open password %d\n", fd);return 0;}printf("do not bruteforce...\n");sleep(time(0)%20);char pw_buf[PW_LEN+1];int len;if(!(len=read(fd,pw_buf,PW_LEN) > 0)){printf("read error\n");close(fd);return 0;}char pw_buf2[PW_LEN+1];printf("input password : ");scanf("%10s", pw_buf2);// xor your inputxor(pw_buf2, 10);if(!strncmp(pw_buf, pw_buf2, PW_LEN)){printf("Password OK\n");system("/bin/cat flag\n");}else{printf("Wrong Password\n");}close(fd);return 0;
}

看这句话fd=open("/home/mistake/password",O_RDONLY,0400) < 0,fd其实等于0的。
因为运算优先级。
然后输入两个10位数，一个等于另外一个与1的异或运算即可。
比如0000000000，1111111111

更多推荐

pwnable.kr [mistake]

本文发布于:2024-02-14 15:01:35，感谢您对本站的认可！

本文链接:https://www.elefans.com/category/jswz/34/1764073.html