Only problem is there’s no ssh login for the bof challenge (remember, you had to submit the answer with netcat?). So our strategy will be to compile the program on the pwnable.kr server.
But compiling the program on your local machine can produce a different result if it’s a different architecture (which is likely). It would be nice to be able to recompile the program with debugging information. or can it? Let’s try to debug the program and find out. The user can’t control the key variable, and therefore cannot make the if statement evaluate as True…. On first glance it seems like we’re stuck.
If they’re equal, it prints the flag, otherwise it exits. Finally, it compares the input integer key to the hex value 0xcafebabe. Then func() accepts up to 32 characters of input from the user. We can see the main() function calls a function func() with the 32-bit hexidecimal value 0xdeadbeef.
0 kommentar(er)
