[Very Easy] Bypass the 'firewall' (Pascal)

totti93 · October 20, 2012

Mi-am adus aminte ca pe vremea lui Flinstones era un limbaj numit Pascal. Am facut un challenge micut pentru cei care cunosc limbajul.

Singura cerinta este sa treceti de firewall, astfel incat sa va apara mesajul 'Welcome user!'.

Usage:


~$ ./challenge <password>

Codul sursa:


program challenge;

{ Bypass this }
procedure firewall(var data : string);
begin
	data := data + 'x';
end;
{ ---------- }

var
	password : string;
begin
	writeln('Welcome to challenge');
	writeln;
	if ParamCount < 1 then
	begin
		writeln('Error! No login data found');
		writeln('Usage: ./challenge <password>');
		halt(0);
	end;
	password := ParamStr(1);
	firewall(password);
	if pos('x', password) = 0 then
		writeln('Welcome user!')
	else
		writeln('Incorect password!');
end.

Compilat (Linux 32 biti, compilator FPC): http://pastebin.com/raw.php?i=JqgVMB2x

Cei cu Windows vor trebui sa compileze singuri.

Raspunsuri prin PM + Explicatii / Demonstratii!

Success!

NU AVETI VOIE SA MODIFICATI SURSA!

Solvers:


shaggi
Nebuchadnezzar

Edited October 25, 2012 by totti93

totti93 · October 25, 2012

Up!

Edited October 25, 2012 by totti93

Nebuchadnezzar · October 25, 2012

Am creat un executabil care rezolva challenge-ul

Firewall bypass exploit

Pentru a lasa si celorlati posibilitatea de a rezolva challenge-ul am publicat doar codul binar.

TODO:

1.Puneti fisierul executabil firewall in acelasi director cu fisierul bypass (e important ca numele fisierului sa fie firewall)

2.Rulati executabilul bypass

L-am compilat pentru Linux 32 biti.

Edited October 25, 2012 by Nebuchadnezzar

totti93 · October 29, 2012

GAME OVER

Rezolvare:

Datele de tip string au o lungime de 256 bytes, primul byte reprezinta lungimea stringului. Daca introducem un string de lungime >= 255 care nu contine niciun caracter 'x', atunci acel + 'x' nu va intra in acel string.


~$ ./challenge AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

bcman · October 29, 2012

GAME OVER
Rezolvare:
Datele de tip string au o lungime de 256 bytes, primul byte reprezinta lungimea stringului. Daca introducem un string de lungime >= 255 care nu contine niciun caracter 'x', atunci acel + 'x' nu va intra in acel string.
~$ ./challenge AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

M-am gândit la acest mod de rezolvare. P?cat c? am uitat teoria (partea cu lungimea de 256 de bytes) ?i atunci nu am încercat numai cu vreo 150 de carctere Challengeul în sine nu a fost greu (ideea mi-a venit destul de repede), dar oricum a fost interesant.

Sign In

[Very Easy] Bypass the 'firewall' (Pascal)

Recommended Posts

totti93

totti93

Nebuchadnezzar

totti93

bcman

Join the conversation

Browse

Activity

Pages