![]() The mugiwara function has a standard format string vulnerability that we can use as a WriteWhatWhere primitive. IVar1 = strcmp(local_20,"gomugomunomi\n") If we look at the source code, we can see that there is a "hidden" option, *gomugomunomi*, that calls the function *mugiwara*, also similar to the one piece challenge. This time we are allowed to read 5 bytes into a buffer using the read function, and we can actually execute the 5 byte shellcode using the run command. However the functionallity of the two are different. The menu is similar to the one piece challenge, we can read and run shellcode. ![]() ![]() We can also overwrite GOT if needed, as its only partial RELRO. Note, i did not participate in the ctf, so i solved this challenge after the ctf had ended.Ĭhecksec reveals that its a 32 bit binary with executable stack. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |