i春秋 - Exploit-Exercises: Nebula - level04
2017-02-25 22:22
417 查看
About
This level requires you to read the token file, but the code restricts the files that can be read. Find a way to bypass it :)Source
#include <stdlib.h> #include <unistd.h> #include <string.h> #include <sys/types.h> #include <stdio.h> #include <fcntl.h> int main(int argc, char **argv, char **envp) { char buf[1024]; int fd, rc; if(argc == 1) { printf("%s [file to read]\n", argv[0]); exit(EXIT_FAILURE); } if(strstr(argv[1], "token") != NULL) { printf("You may not access '%s'\n", argv[1]); exit(EXIT_FAILURE); } fd = open(argv[1], O_RDONLY); if(fd == -1) { err(EXIT_FAILURE, "Unable to open %s", argv[1]); } rc = read(fd, buf, sizeof(buf)); if(rc == -1) { err(EXIT_FAILURE, "Unable to read fd %d", fd); } write(1, buf, rc); }
Nebula官网
程序逻辑
读取指定文件,但是过滤token关键字,然后输出思路
i春秋没改这题的源码与程序,也就是说不会过滤flag关键字,所以直接运行即得flagcd /home/flag04/ ./flag04 flag
相关文章推荐
- i春秋 - Exploit-Exercises: Nebula - level01
- i春秋 - Exploit-Exercises: Nebula - level02
- i春秋 - Exploit-Exercises: Nebula - level03
- i春秋 - Exploit-Exercises: Nebula - level06
- i春秋 - Exploit-Exercises: Nebula - level00
- i春秋 - Exploit-Exercises: Nebula - level05
- 从 Exploit Exercises Nebula 中总结linux的基础漏洞和一些小知识点
- Exploit Exercise Nebula 5 Level 00
- exploit-exercises-protostar
- Exploit Exercises Protostar Stack Part 0-7
- exploit-exercises-protostar
- Nebula_Level04
- ExploitExercises_Nebula_Level04
- Nebula level04
- 高级返回库函数exploit代码实现
- 【分析】如何写远程自动精确定位的format string exploit
- Microsoft Windows CSRSS Local Privilege Escalation Exploit (MS05-018)
- Microsoft PowerPoint 2003 SP2 Local Code Execution Exploit
- 如何寻找你要的Exploit
- [Exploit]IE NCTAudioFile2.AudioFile ActiveX Remote Stack Overfl0w