pwnable_fd

ssh fd@pwnable.kr -p2222 (pw:guest)


pwnable
 
fd@ubuntu:~$ cat fd.c
  1. #include <stdio.h>
  2. #include <stdlib.h>
  3. #include <string.h>
  4. char buf[32];
  5. int main(int argc, char argv[], char envp[]){
  6. if(argc<2){
  7. printf(“pass argv[1] a number\n”); //输入一个命令行参数
  8. return 0;
  9. }
  10. int fd = atoi( argv[1] ) - 0x1234; // 0x1234 >> 4660
  11. int len = 0;
  12. len = read(fd, buf, 32);
  13. if(!strcmp(“LETMEWIN\n”, buf)){ //字符串比较
  14. printf(“good job :)\n”);
  15. system(“/bin/cat flag”);
  16. exit(0);
  17. }
  18. printf(“learn about Linux file IO\n”);
  19. return 0;
  20. }

->>
20146905.png
 




```