Pwn/Binary Exploitation
Attachment: atm
Solution:
Unintended way: try the possible exploitation avenues, such as binary, numbering, strings, heap, and buffer overflow.
This application is vulnerable to number-based exploitation because it does not validate negative values.
Practical way: use strings to get some understanding of how it works.
In general, the application starts with an initial value that it does not reveal. It performs a calculation on the user's input and then prints the balance. Testing with an arbitrary input shows that the balance is the initial value minus the input value.
Balance = initial value − input value.
This confirms that the calculation works as described above. Next, let's check a negative value, since subtracting a negative value yields a positive result.
Balance = initial value − (−input value)
The application performs no input validation.
Flag: CYBER{1nputValid4tionisimp0rtant}
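The missing check described above, as an added example in C (not the challenge's code, which this page does not show): a hypothetical withdrawal routine with the unvalidated subtraction next to a validated version. The function names, the starting balance of 1000 and the sample inputs are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>

/* Constructed starting balance; the real binary's initial value is not on the page. */
#define INITIAL_BALANCE 1000L

/* Pattern described above: the amount is subtracted with no sign check,
 * so a negative "withdrawal" increases the balance. */
long withdraw_unchecked(long balance, long amount) {
    return balance - amount;
}

/* Hardened form: refuse non-positive amounts and overdrafts.
 * Returns 0 and updates *balance on success, -1 if the request is refused. */
int withdraw_checked(long *balance, long amount) {
    if (amount <= 0 || amount > *balance)
        return -1;
    *balance -= amount;
    return 0;
}

/* Parse a decimal amount; reject empty input, trailing characters
 * and values that do not fit in a long. Returns 0 on success, -1 otherwise. */
int parse_amount(const char *text, long *out) {
    char *end = NULL;
    errno = 0;
    long value = strtol(text, &end, 10);
    if (end == text || *end != '\0' || errno == ERANGE)
        return -1;
    *out = value;
    return 0;
}

int main(void) {
    /* Constructed sample inputs: valid, negative, malformed, out of range. */
    const char *inputs[] = { "250", "-5000", "12abc", "99999999999999999999" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        long amount, balance = INITIAL_BALANCE;
        if (parse_amount(inputs[i], &amount) != 0) {
            printf("%-22s rejected by parser\n", inputs[i]);
            continue;
        }
        int rc = withdraw_checked(&balance, amount);
        printf("%-22s unchecked=%ld checked=%s (balance %ld)\n", inputs[i],
               withdraw_unchecked(INITIAL_BALANCE, amount),
               rc == 0 ? "ok" : "refused", balance);
    }
    return 0;
}
```
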
Attachment: CMU
Solution:
This time we need to use some reverse engineering skills, because strings does not show anything interesting.
Using Ghidra, create a project and import the CMU file. Double-click the file.
Under the Search tab, search for strings and click Search.
Click on the readable strings, since they lead to the program's main function.
Click on fun_00101307 and you will see its code on the left side.
Understanding the code will help you. Briefly, the application asks for a favorite number, and the user's input is stored in local_48. It then compares that value with 0x86187. Convert the hex value to a decimal number; that will be your answer.
Flag : picoCTF{cu7_7h3_bl047_695036e3}