Results 1 to 2 of 2

Thread: Need Help with String Format Vulnerabilities and Exploitation Share/Save - My123World.Com!

  1. #1

    Need Help with String Format Vulnerabilities and Exploitation

    I'm struggling trying to find out how to do this. Can anyone help?

    Complete each of the following tasks for lab_passwd_check and include the following in
    your writeup: the input used to complete the task, an explanation of why it worked, and a
    screen shot of the terminal when completing the task.
    1. Find an input to lab_passwd_check that directly prints the “secret”. Include this in
    your writeup.
    2. Find an input to lab_passwd_check that overwrites the return value (retVal) with
    any value. This will print “Success!” in addition to printing the secret word you
    accessed in part 1.
    3. Find an input to lab_passwd_check that overwrites the return value (retVal) with
    100. This should produce another secret word to include in your writeup.
    Extra credit: Find an input to lab_passwd_check that overwrites the return value with the
    value of 2. This should produce another secret word to include in your writeup.

  2. #2
    Garage Member
    Join Date
    Sep 2010
    Location
    Chennai
    Posts
    83
    Blog Entries
    1
    Quote Originally Posted by tunnie View Post
    I'm struggling trying to find out how to do this. Can anyone help?

    Complete each of the following tasks for lab_passwd_check and include the following in
    your writeup: the input used to complete the task, an explanation of why it worked, and a
    screen shot of the terminal when completing the task.
    1. Find an input to lab_passwd_check that directly prints the “secret”. Include this in
    your writeup.
    2. Find an input to lab_passwd_check that overwrites the return value (retVal) with
    any value. This will print “Success!” in addition to printing the secret word you
    accessed in part 1.
    3. Find an input to lab_passwd_check that overwrites the return value (retVal) with
    100. This should produce another secret word to include in your writeup.
    Extra credit: Find an input to lab_passwd_check that overwrites the return value with the
    value of 2. This should produce another secret word to include in your writeup.
    Please provide some link as to where you are referring the task from! Also, read this : http://crypto.stanford.edu/cs155old/...string-1.2.pdf

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •