Blog
category: Writeups
Categories
Tags
Natas Walkthrough (0-16) - OverTheWire.org
Posted on Nov. 20, 2015
Another fast walthrough of one of the most famous wargames out there.
natas0
The password is in the page source code.
gtVrDuiDfck831PqWsLEZy5gyDz1clto
natas1
Same thing as natas0.
ZluruAthQk7Q2MqmDeTiUij2ZvWy2mBi
natas2
There is a something new on the page: an invisible image 1x1. This is a hint to the directory "/files" where ...
Leviathan Walkthrough - OverTheWire.org
Posted on Nov. 19, 2015
Leviathan is a one of the easiest wargames hosted by the famous website OTW (overthewire.org).
Here is a short walktrough of it's 7 levels :)
leviathan0
For the first level you will easily find the pass inside this file: ~/.backup/bookmarks.html
Password: rioGegei8m
leviathan1
The program check has ...
Shellshock - Pwnable.kr
Posted on Jan. 15, 2016
Shellshock indicates a family of bugs who affected bash, which was disclosed the 24 September 2014 (CVE-2014-6271). For this challenge we need to use it in order to get the flag:
shellshock@ubuntu:~$ ls -l -r-xr-xr-x 1 root shellshock2 959120 Oct 12 2014 bash -r--r----- 1 root shellshock2 47 Oct ...
Random - Pwnable.kr
Posted on Nov. 26, 2015
Let's have a look at random.c:
A little research on google shows that the ^ operator is the XOR bitwise operator, what we need is a key that applied to 'random' using this operator gives us the value 0xdeadbeef.
What's the value of 'random'? It is the result ...
Input - Pwnable.kr
Posted on Jan. 11, 2016
Once logged in we need to have a look to the code source of input: input.c
#include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/socket.h> #include <arpa/inet.h> int main(int argc, char* argv[], char* envp[]){ printf("Welcome to pwnable.kr\n"); printf ...