解いた. 常設なのでwrite upは書けないが,ハリネズミ本のpwnの章を理解していれば問題ない. セキュリティ機構としてPIEが有効になっていることを除けばそこまで苦労しなかった. 今後もちまちまpwn challenges list 進めていきます.
下調べ mattun-mart@4ctf:~/Workspace/pwn/easy/PWN200$ file heaptaskforbin | sed -e 's/,/\n/g' heaptaskforbin: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked interpreter /lib/ld-linux.so.2 for GNU/Linux 2.6.15 Buil…
下調べ mattun-mart@4ctf:~/Workspace/pwn/easy/ezhp$ file ezhp | sed -e "s/,/\n/g" ezhp: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked interpreter /lib/ld-linux.so.2 for GNU/Linux 2.6.24 BuildID[sha1]=76bda55f9764…
下調べ mattun-mart@4ctf:~/Workspace/pwn/easy/bin_pwn_300$ file chal |sed -e "s/,/\n/g" chal: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked interpreter /lib/ld-linux.so.2 for GNU/Linux 2.mattun-mart@4ctf:~/Worksp…
下調べ mattun-mart@4ctf:~/Workspace/pwn/easy/heap$ file heap | sed -e "s/,/\n/g" heap: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked interpreter /lib/ld-linux.so.2 for GNU/Linux 2.6.24 BuildID[sha1]=1b4e88004c13…
下調べ mattun-mart@4ctf:~/Workspace/pwn/easy/ropasaurusrex$ file ropasaurusrex | sed -e "s/,/\n/g" ropasaurusrex: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked interpreter /lib/ld-linux.so.2 for GNU/Linux 2.6.18…
下調べ mattun-mart@4ctf:~/Workspace/pwn/baby/greeting$ file greeting |sed -e "s/,/\n/g" greeting: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked interpreter /lib/ld-linux.so.2 for GNU/Linux 2.6.24 BuildID[sha1]=b…
下調べ mattun-mart@4ctf:~/Workspace/pwn/baby/xkcd$ file xkcd |sed -e "s/,/\n/g" xkcd: ELF 64-bit LSB executable x86-64 version 1 (GNU/Linux) statically linked for GNU/Linux 2.6.32 not strippedmattun-mart@4ctf:~/Workspace/pwn/baby/xkcd$ che…
下調べ mattun-mart@4ctf:~/Workspace/pwn/baby/r0pbaby$ file r0pbaby | sed -e "s/,/\n/g" r0pbaby: ELF 64-bit LSB shared object x86-64 version 1 (SYSV) dynamically linked interpreter /lib64/ld-linux-x86-64.so.2 for GNU/Linux 2.6.24 strippedma…
下調べ mattun-mart@4ctf:~/Workspace/pwn/baby/babyecho$ file babyecho | sed -e "s/,/\n/g" babyecho: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) statically linked for GNU/Linux 2.6.24 BuildID[sha1]=c9a66685159ad72bd157b521f05a85e2…
下調べ mattun-mart@4ctf:~/Workspace/pwn/baby/Exploitation4$ file miteegashun | sed -e "s/,/\n/g" miteegashun: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) statically linked for GNU/Linux 2.6.24 BuildID[sha1]=41bbe92f629cbca978445…
下調べ mattun-mart@4ctf:~/Workspace/pwn/baby/Exploitation3$ file fil_chal | sed -e "s/,/\n/g" fil_chal: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked interpreter /lib/ld-linux.so.2 for GNU/Linux 2.6.24 BuildID[s…
更新出来ていなかったけど,今日からまた再開. Exploitation2,3,4,babyecho,r0pbabyまでは解いているので,復習がてらそれぞれの問題を今後まとめていく. 下調べ mattun-mart@4ctf:~/Workspace/pwn/baby/Exploitation2$ file exploit2 | sed -e "s/,/\n/g…
下調べ mattun-mart@4ctf:~/pwn/baby/pwn200$ file bf | sed -e "s/,/\n/g" bf: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=8438f7625e966b84aced94359daa8d3d15cd…
下調べ mattun-mart@4ctf:~/pwn/baby/12345$ file 12345 | sed -e "s/,/\n/g" 12345: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=09a2a7c2ebaff247534af024496e08f…
下調べ mattun-mart@4ctf:~/pwn/baby/23456$ file 23456 | sed -e "s/,/\n/g" 23456: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=438f6363ee8ae76620a941c2cc0eb23…
下調べ mattun-mart@4ctf:~/pwn/baby/4842$ file 4842 | sed -e "s/,/\n/g" 4842: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=0112d6a8144d6184e2c9ff7d4882c4099f…
下調べ mattun-mart@4ctf:~/pwn/baby/vuln300$ file vuln300 | sed -e "s/,/\n/g" vuln300: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.18 BuildID[sha1]=4bc2aae29f861432a873713b1…
下調べ mattun-mart@4ctf:~/pwn/baby/vuln200$ file vuln200 | sed -e "s/,/\n/g" vuln200: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=b0adbe78fb249940c782b5118…
下調べ mattun-mart@4ctf:~/pwn/baby/vuln100$ file vuln100 | sed -e "s/,/\n/g" vuln100: ELF 64-bit LSB executable x86-64 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=405654ce20fe1b9e5b8cd57c1299ce…
下調べ $ file funnybusiness | sed -e "s/,/\n/g" funnybusiness: ELF 32-bit LSB executable Intel 80386 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=97b05818b1ef9a9383e922e10e1e43ce7a96389e strippe…
下調べ shiftd: ELF 64-bit LSB executable x86-64 version 1 (SYSV) dynamically linked (uses shared libs) for GNU/Linux 2.6.24 BuildID[sha1]=910854336439f51f20ebad1a772e36df392012ab stripped$ checksec.sh --file shiftd RELRO STACK CANARY NX PI…
解けた...が常設CTFなのでまとめることができない. ハリネズミ本をやったことがあればすぐに解ける.
CTFの勉強pwn中心でやっていこうと思ってる. ハリネズミ本は一通りやったので,bataさんのpwnlistをちまちま消化して行く予定. できれば,10月中旬までにbaby問題を終わらせたい. 勉強したものはここにまとめていく.