Binary Exploitation
Last updated
Last updated
Challenge | Link |
---|---|
Shell(a.k.a sh) is a text-based interface where users can type commands to interact with the operating system. I'm trying to implement a shell using ISA, I call it ISH.
Note: This challenge is the first part of the ISH fullchain, execute flag1 file in ish to get the flag.
Note: ISH (1), ISH (2) and ISH (3) share the same environment, and it is recommended to solve the ISH fullchain challenges in order.
Note: Here is the full documentation and ISA interpreter source code if you need more references.
Challenge: https://c58a-ish-1.hkcert24.pwnable.hk?id=2
Playground: https://c58b-ish-2.hkcert24.pwnable.hk?id=1
There is a buffer overflow on URL in curl command. With the overflow we can overwrite the filename for the binary that will be executed by command game. So the idea is to find how to make the curl still valid with the overflow and then overwrite the filename with flag1. Below is my payload
Flag:
ISH(1) (200 pts)