She sells sea shells6 min read

Hey guys! Here there is another writeup of a pwn of the HackCon18 ctf. The challenge She Sells Sea Shells was a very easy pwn based on buffer overflow, where you can simply put a shellcode in buffer and jump on it!

First step is a normal checksec for see all protection implemented:

Copy to Clipboard

Nothing enable! Try now to execute this binary:

Copy to Clipboard

Yep, a simple buffer overflow. Note that there is an address in the output of binary. Let’s see what is this address with gdb examining the core dump created:

Copy to Clipboard

how we can see this address is the init of our buffer, then we can put our shellcode at this address and exec it. Now compute the size of buffer:

Copy to Clipboard

where 8 is the size of return address. Now we can insert all information in a script:

Copy to Clipboard

and run it:

Copy to Clipboard

Recent Tweets

For privacy reasons Twitter needs your permission to be loaded.
I Accept
2018-08-17T21:51:17+00:00

About the Author:

Leave A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.