UNLE⛧SH THE BEAST ト何ゼ
| [MENU] | |||||||||
| [THOUGHTS] | [TECH RESOURCES] | [TRASH TALK] | |||||||
| [DANK MEMES] | [FEATURED ARTISTS] | [W] | |||||||
pwnable.kr [Part II] fd
Oct. 2, 2020 // echel0n
Mommy! what is a file descriptor in Linux?
File descriptor is an integer value that defined in uinstd.h.
- /* standard file descriptors. */
- #define stdin_fileno 0 /* standard input. */
- #define stdout_fileno 1 /* standard output. */
- #define stderr_fileno 2 /* standard error output. */
The challenge source code is:
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
- char buf[32];
- int main(int argc, char* argv[], char* envp[]){
- if(argc<2){
- printf("pass argv[1] a number\n");
- return 0;
- }
- int fd = atoi( argv[1] ) - 0x1234;
- int len = 0;
- len = read(fd, buf, 32);
- if(!strcmp("LETMEWIN\n", buf)){
- printf("good job :)\n");
- system("/bin/cat flag");
- exit(0);
- }
- printf("learn about Linux file IO\n");
- return 0;
-
- }
Binary goes like this:
1) gets an integer value
2 substracts with 0x1234 (4460).
3) calls read() function with this integer.
4) calls strcmp() function
5) "LETMEWIN" string is in the buffer, It reads the flag file.
If we would set int fd value to zero, we can give LETMEWIN string as input. (stdin)
To do so, we should pass 4660 number as first argument, then program will wait for stdin.