dimanche 31 août 2014

How to exploit the following code to get shell or run command as another user


Vote count:

0




I Have the following code I would like to exploit as part of an IT-Sec hobby game, but I have no clue how to exploit the code, although I believe I understand the principles...



#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <string.h>

int main( int argc, char *argv[]) {
char buf[256]; // I believe this is merely a buffer we have to overflow
setuid ( getuid() ); // I know what setuid does, but why getuid???
strcpy(buf, argv[1]); // send argument1 to buf (not sure why, buffer overflow?)
return 0; // end main loop, i.e. finish execution
}


How do I use it to get escalated privileges, or is that not it's use? I am playing around with an IT-Sec VM, but this really has me baffled... I do know it produces a segmentation fault if executed with no arguments, and that supplying one argument gets over this, but I am unsure what to put in argument to make argv[1] allow me to access some other code.


Thx in advance



asked 39 secs ago







How to exploit the following code to get shell or run command as another user

Aucun commentaire:

Enregistrer un commentaire