Hi, I got stuck on this one, do I have to use a BoF?!?!
I noticed when I send a long value to the port I don't get the response I usually get there…
but I have no clue how I can get the binary… to create an exploit…
maybe someone can push me a little bit in the right direction
thx
I am also thinking about the same… Also downloaded the binary on my local system and used the same you are talking about and also experienced what BoF gives… still thinking about it
I’m stuck here as well. Looks like a BoF, but where to get the bin???
Having binary exploitation usually makes me give the box an automatic like, however the rest of this box is pretty bad; I can now see why this box has such bad ratings.
For user: The source is your friend. Once you get it, remember why this box is rated easy: You don’t need to go through the entire ret2libc-leak-calculate process. If system’s provided to you, but you don’t have the shell string, maybe it’s possible to provide one yourself?
For root: Just using k***2j won’t work. One of the images needs to be used in conjunction with it.
If people are struggling with running the binary with peda - peda sets follow-fork-mode to child whereas vanilla gdb has it as parent by default. You may wish to sed -i 's/follow-fork-mode child/follow-fork-mode parent/g' ~/peda/peda.py (or wherever your peda is located).
Everything you need is contained within the binary itself.
Root:
I’m sure you don’t need a hint to find the correct vector.
When you use the right things, it shouldn’t take long at all to get a result.
Lifesaver, been trying to troubleshoot that forever…
I haven’t done a BOF before. What would be a good first timer tutorial that covers what I need to know for this box? (Feel free to PM instead of posting here if it’s spoiler-ish).
Rooted. Didn’t like this box at all – almost wondering how it even got selected in the first place? Feels like a repeat of another box cough (some will know which I’m referring to).
Anyways, hints:
user
As others have been saying, provide your own shell for yourself. Once you find what you are looking for and break it down, you’ll be able to understand how to get your shell. Don’t read too deep into the binary.
root
Check out what is already given to you. Enumerate it. What is it? What can you do with something like this? This step is extremely CTF-like. Run through each, carefully. You’ll know what to do in the end. Afterwards, give yourself a fully interactive shell and make the switch.
@kckriega said:
I'm stuck here as well :( Looks like a BoF, but where to get the bin???
Hope this comment helps you to get the binary...
@opt1kz said:
@Ketil said:
Would anyone mind dropping some names of techniques which I must have overlooked.
Turn off 90% of your brain and just right-click.
Thanks. Heading over to the shame corner.
and here I was turning my brain on… thanks for the tip
Still learning about BOF, any retired boxes anyone can recommend for me to practice and make use of the VIP service. Feel free to PM me. That’s the best way I learn, trying to use the retired boxes and learning as I go with hints from the writeups.