Duy's Tinkerings

picoCTF 2022 | basic-file-exploit Write-up

Challenge description

The program provided allows you to write to a file and read what you wrote from it. Try playing around with it and see if you can break it! Connect to the program with netcat: $ nc saturn.picoctf.net 49698 The program’s source code with the flag redacted can be downloaded here.

Category: Binary Exploitation

Solution

The challenge provided us with the program’s source code, let’s take a look through and see if we can find anything relevant.

Here we see the flag being mentioned

Let’s switch courses and see how the program actually runs in practice.

Looks like you can store data as well as assign how much of the data you want to store. In this example, I input 1, meaning only the first letter “e” will be stored.

The program gave me an entry number for this data, which we also saw above with the entry_number variable.

Pressing 2 allows us to read the data using the entry number.

If we look closely into the function that reads our stored data:

If we ask for data with the entry_number of 0, it will print the flag instead

And that’s exactly what it did! First flag down.

Leguminosae

, ,
, ,

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: