Username: 
Password: 
Restrict session to IP 
Questions  |  score: 7  |  6.52 8.10 8.19 |  Solved By 171 People  |  61971 views  |  since Dec 24, 2011 - 21:15:51

Training: Warchall - 7 Tropical Fruits (Realistic, Linux, Shell, Exploit, Warchall)

This is level 7 on the warchall box.
You can find the vulnerable binary + sourcecode in "/home/level/07_tropical_fruits/".
You can also view the source here.
Your mission is to exploit it, circumvent the ASLR protection and read a file in the name of the executable.

Good Luck!
GeSHi`ed C code for tropic7.c
1
2
3
4
56
7
8
9
1011
12
13
14
1516
17
18
19
2021
22
23
24
2526
27
28
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
 
void hint(){
        printf("Need to bypass aslr\n");
        exit(0);
}
void vulnfunc(char *input){
        char vulnbuf[300];
        memcpy(vulnbuf, input, strlen(input));
}
int main(int argc, char *argv[]){
        if(argc > 1)
        {
                vulnfunc(argv[1]);
        }        else
        {
                printf("%s <input>\n", argv[0]);
                return 1;
        }        return 0;
}
 
Your solution for Training: Warchall - 7 Tropical Fruits
Answer
© 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 and 2024 by tropic

Say *NO* to advertisements!