/prog/ - wargames

Name: Anonymous 2012-03-24 14:13

ugh, /g/ has proven to be too incompetent and full of dilettantes to crack a crackme together, so I'm hoping /prog/ won't disappoint.

Here's a wargame, a hacking puzzle where you get from level to level using knowledge of programming and computers.

http://www.overthewire.org/wargames/vortex/vortex0.shtml

This is a collaborative effort so share what you have. and don't cheat by looking up solutions online. happy hacking

Name: Anonymous 2012-03-24 15:31

#include <stdio.h>

#include <winsock2.h>



/* only runs on Windows, u mad bro?

 * gcc vortex0.c -ovortex0.exe -lWS2_32

 */



int main(void) {

    WSAStartup(MAKEWORD(2,2), &(WSADATA){});

    SOCKET s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);

    struct hostent *h = gethostbyname("vortex.labs.overthewire.org");

    connect(s, (struct sockaddr *)&(struct sockaddr_in) {

        .sin_family = AF_INET,

        .sin_port = htons(5842),

        .sin_addr = *(struct in_addr *)h->h_addr

    }, sizeof(struct sockaddr_in));

    unsigned ints[4];

    int n = 0;

    while (n < sizeof(ints))

        n += recv(s, &((char *)ints)[n], sizeof(ints)-n, 0);

    printf("Received %d %d %d %d\n", ints[0], ints[1], ints[2], ints[3]);

    ints[0] += ints[1] + ints[2] + ints[3];

    send(s, (char *)&ints[0], sizeof(ints[0]), 0);

    char buffer[65536];

    recv(s, buffer, sizeof(buffer), 0);

    printf("%s\n", buffer);

    closesocket(s);

}

Name: Anonymous 2012-03-24 15:43

These challenges are crap. Most of them only work on GNU/Linux.

Name: Anonymous 2012-03-24 18:45

This looks like an interesting challenge.

Name: VP of Sales for NAMBLA 2012-03-24 19:26

>>2
Horrible.

Name: Anonymous 2012-03-24 19:36

>>2



char buffer[65536];

recv(s, buffer, sizeof(buffer), 0);

printf("%s\n", buffer);

I can think of a way to crash your client.

Name: Anonymous 2012-03-25 1:06

>>6
Wow congratulations, you must be extremely talented.

Name: Anonymous 2012-03-25 1:32

>>7



char buffer[65536];

recv(s, buffer, sizeof(buffer), 0);

printf("%s\n", buffer);

One could think of a way to crash your client.

Name: Anonymous 2012-03-25 2:07

>>8
It's not my client, I'm not >>2 and I don't use Windows.
My comment was to you stating the obvious, you can crash most C programs on /prog/ that take input, if you think you're special for being able to figure it out you might be right, but it's not special in a good way.

Name: Anonymous 2012-03-25 2:22

>>9

One could think of a way to crash that client.

Name: Anonymous 2012-03-25 3:09

I just thought of a way to crash my mother, what should I do?

Name: Anonymous 2012-03-26 3:48

>>6
The only problem I see there is that %s is not checked for null-terminality, and thus if you send e. g. 64kB of 0x36 there is some chance that it will go on printing garbage from stack until it either crashes with SIGSEGV or (more likely) just stops printing if there was a single zero anywhere on the stack.

Not sageing because I'm curious if I'm a blind retard.

Name: Anonymous 2012-03-26 10:12

>>3,5,6,8,10
Why don't you faggot(s) write your own clients then since you're obviously much better programmers?

Name: Anonymous 2012-03-26 14:23

>>13
I would rather steal.

Name: Anonymous 2012-03-27 6:08

Who writes C these days for anything other than embed/kernels/--omg-optimized-engines? Even low-level system shit is easier in Python.

#!/usr/bin/env python

import socket as S

import struct as ST



x = S.socket(S.AF_INET, S.SOCK_STREAM, S.IPPROTO_TCP)

x.connect(("vortex.labs.overthewire.org", 5842))

data = x.recv(16)

a, b, c, d = ST.unpack(r"<IIII", data)

x.send(ST.pack(r"<I", a+b+c+d))

print x.recv(65535)

Wrote that in under 3 minutes. The program lacks SYNERGY because I'm not an EXPERT PROGRAMMER.

Name: Anonymous 2012-03-27 8:00

WARGAMES ARE SO RANDUM XDDDDD HACK THE PLANET XDDDDDDDDDDDDDDDDDDDDD

Name: Anonymous 2012-03-27 12:03

>>12
yeah that was it. It isn't serious or anything, but it may have been if you used a strcat to somewhere or something.

wargames

1 Name: Anonymous 2012-03-24 14:13

2 Name: Anonymous 2012-03-24 15:31

3 Name: Anonymous 2012-03-24 15:43

4 Name: Anonymous 2012-03-24 18:45

5 Name: VP of Sales for NAMBLA 2012-03-24 19:26

6 Name: Anonymous 2012-03-24 19:36

7 Name: Anonymous 2012-03-25 1:06

8 Name: Anonymous 2012-03-25 1:32

9 Name: Anonymous 2012-03-25 2:07

10 Name: Anonymous 2012-03-25 2:22

11 Name: Anonymous 2012-03-25 3:09

12 Name: Anonymous 2012-03-26 3:48

13 Name: Anonymous 2012-03-26 10:12

14 Name: Anonymous 2012-03-26 14:23

15 Name: Anonymous 2012-03-27 6:08

16 Name: Anonymous 2012-03-27 8:00

17 Name: Anonymous 2012-03-27 12:03