Blog category: Writeups

Natas Walkthrough (0-16) - OverTheWire.org

Posted on Nov. 20, 2015

Another fast walkthrough of one of the most famous wargames out there.

natas0

The password is in the page source code.

gtVrDuiDfck831PqWsLEZy5gyDz1clto

natas1

Same thing as natas0.

ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi

natas2

There is something new on the page: an invisible 1x1 image. This is a hint pointing to the directory "/files" where ...


Leviathan Walkthrough - OverTheWire.org

Posted on Nov. 19, 2015

Leviathan is one of the easiest wargames hosted by the famous website OTW (overthewire.org).

Here is a short walkthrough of its 7 levels :)

leviathan0

For the first level you will easily find the pass inside this file: ~/.backup/bookmarks.html

Password: rioGegei8m

leviathan1

The program check has ...


Shellshock - Pwnable.kr

Posted on Jan. 15, 2016

Shellshock is a family of bugs affecting bash, disclosed on 24 September 2014 (CVE-2014-6271). For this challenge we need to use it in order to get the flag:

shellshock@ubuntu:~$ ls -l
-r-xr-xr-x 1 root shellshock2 959120 Oct 12  2014 bash
-r--r----- 1 root shellshock2     47 Oct ...


Random - Pwnable.kr

Posted on Nov. 26, 2015

Let's have a look at random.c:

Code random.c

A little research on Google shows that the ^ operator is the bitwise XOR operator; what we need is a key that, when applied to 'random' using this operator, gives us the value 0xdeadbeef.

What's the value of 'random'? It is the result ...


Input - Pwnable.kr

Posted on Jan. 11, 2016

Once logged in, we need to have a look at the source code of input: input.c

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>

int main(int argc, char* argv[], char* envp[]){
    printf("Welcome to pwnable.kr\n");
    printf ...