Home

pwn staff This is an easy challenge but requires careful observation and code analysis to solve. challenge files if you observe, instuctor string is printed at the end of the both functions, but is unreachable in one of the functions // find_instructor() printf("Professor %s will teach %s, but we'll probably change our minds the week before...

Mom? how can I pass my input to a computer program? ssh input2@pwnable.kr -p2222 (pw:guest) so here also we have three files input2@pwnable:~$ ls -l total 24 -r--r----- 1 input2_pwn root 55 Jun 30 2014 flag -r-sr-x--- 1 input2_pwn input2 13250 Jun 30 2014 input -rw-r--r-- 1 root root 1754 Jun 30 2014 input.c input.c #incl...

Daddy, teach me how to use random value in programming! ssh random@pwnable.kr -p2222 (pw:guest) three files on the ssh server : random,random.c,flag downloading for better analysis: ~/Downloads/pwnabl/random ❯ scp -P 2222 random@pwnable.kr:~/random.c ./ random@pwnable.kr's password: random.c 100% 301 0.7KB/s ...

Mommy told me to make a passcode based login system. My initial C code was compiled without any error! Well, there was some compiler warning, but who cares about that? ssh passcode@pwnable.kr -p2222 (pw:guest) So on the ssh server we have three files, we can download passcode and passcode.c to better examine them ❯ scp -P 2222 passcode@pw...

Papa brought me a packed present! let’s open it. Download : http://pwnable.kr/bin/flag This is reversing task. all you need is binary So in this challenge we are given a binary, no src code. So, first the file command ❯ file flag flag: ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, no section header hmmm, ver...

Nana told me that buffer overflow is one of the most common software vulnerability. Is that true? Download : http://pwnable.kr/bin/bof Download : http://pwnable.kr/bin/bof.c Running at : nc pwnable.kr 9000 Method 1 : without pwntools bof.c #include <stdio.h> #include <string.h> #include <stdlib.h> void func(int key){ cha...

Daddy told me about cool MD5 hash collision today. I wanna do something like that too! ssh col@pwnable.kr -p2222 (pw:guest) apparently there is something called collision in hashes when two hashes become equal, read about it later. This also has a flag , and an binary file which can access the flag file content. Fortunately , the source cod...

Required Knowledge : what are file descriptors default file desciptors for stdin ssh [fd@pwnable.kr](mailto:fd@pwnable.kr) -p2222 On carefully looking at the code, we can see that we need to read LETMEWIN string from the file desciptor fd which is determined by the argument of the binary. So we can make fd = 0 to read from stdin and ...