Archive for August 2012

uCon 2009 – CTF Challenge Stack 02   Leave a comment

‘Sup guys…

After all that time giving excuses I finally got some time to finish this post. A few months ago someone threw a challenge in #dclabs, a stack overflow challenge from uCon 2009 with some interesting and curious details, let’s get down to business;

int main (int argc , char *argv[]) {
  if (argc != 2) {
    __print_sw_title(argv[0]);
    return ERRO;
  }

  if (__lets_play(argv[1])) {
    __create_tag(argv[0]);
    printf("\n +-+ Bang ! +-+ \n");
  } else {
    printf("\n Shut your ****** face, uncle *****! \n");
  }

  return OK;
}

...

int __lets_play (char *param) {
  int i = 0;
  char buffer[2];

  for(i = 0; i < strlen(param); i++) {
    if (i % 2)
      buffer[i] = param[rand() % strlen(param)];
    else
      buffer[i] = '\0';
  }

  if ((int) buffer < 0)
    return 0;

  return 1;
}

Before going into the refinements of this challenge that should be rand(), lets dig a small detail that sometimes make this challenge reckless.

Read the rest of this entry »

Advertisements

Posted August 11, 2012 by raph0x88 in Exploiting, Programming, Security