Crackmes

Author:
BitFriends

Language:
C/C++

Upload:
12:53 PM 05/27/2020

Download

Platform
Unix/linux etc.

Difficulty:
3.0

Quality:
4.0

Arch:
x86-64

Description

Welcome to another crackme. You have to get a shell. Note that patching is not allowed. You have to have aslr on. Otherwise it is not a valid solution. Turn it on with "sudo echo 2 /proc/sys/kernel/randomize_va_space". Good luck!

Comments
Solutions

Cr4ckC0ca1n3 on 4:47 PM 08/21/2020: SPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTION Do NOT read this if you do not want the challenge to be spoiled!!!! why does this not work? (python2) import struct padding = "g/bin/sh\x00QEZz0YPYGti4vBCKQ45XiBJycuSFfXDryxwoH04XteKs6gCSIsmJoQgD3OGiAUj" #"gQ3vlXjt1QEZz0YPYGti4vBCKQ45XiBJycuSFfXDryxwoH04XteKs6gCSIsmJoQgD3OGiAUj" eip = struct.pack("L", 0x7ffff7a33440) nops = "\x90"*100 payload = "\xcc\xcc\xcc\xcc" print(padding + eip + nops + payload) igonre the payload and the comment. Do NOT read this if you do not want the challenge to be spoiled!!!! SPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTION

BitFriends on 6:14 PM 09/29/2020: Firstly, aslr is on, which you have to defeat somehow. Secondly, NX is also on, which means no shellcode can be executed.

BitFriends on 6:14 PM 09/29/2020: On the stack at least

loop on 11:21 AM 11/07/2020: SPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTIONSPOILERALERTPARTIALSOLUTION does it also need slicing buffer when receving

You must me logged to submit a solution

crackmes.one

crackmes.one

BitFriends's bit