Programming

dimanche 24 novembre 2019, 12:35  #1
ELF x64 - Shellcoding - Sheep warmup
Throne6g
Throne6g
  • 9 posts

Hello !

I’m stuck with this challenge. I wrote a shellcode that gives me a shell, however after its execution i have id programmation-ch12 not programmation-ch12-cracked. I execute it on the server after connecting via SSH using pwnlib in the same way as I did in many binary explotations challs. Shellcode is the most common open /bin/sh.

Can someone help me with this please ? I do not understand why this is happening.

dimanche 24 novembre 2019, 13:51  #2
ELF x64 - Shellcoding - Sheep warmup
Th1b4ud
Th1b4ud
  • 1636 posts

Look at this : https://en.wikipedia.org/wiki/Setuid

lundi 25 novembre 2019, 09:35  #3
ELF x64 - Shellcoding - Sheep warmup
Throne6g
Throne6g
  • 9 posts

Hi !

Of course i know about setuid. This is the problem, this is the SUID binary. However, shellcode that he executes is executed not from the user programmation-ch12-cracked. And I don’t understand, maybe this is due to some kind of my mistake, or the chall is broken.

lundi 25 novembre 2019, 12:25  #4
ELF x64 - Shellcoding - Sheep warmup
NonStandardModel
NonStandardModel
  • 42 posts

Hello,
the challenge is not broken. I invite you to read this thread :
https://www.root-me.org/?page=forum&id_thread=12931&lang=en
On the other hand, think about what do you really need. Do you really need shell or can you do with less ?
NonStandardModel

lundi 25 novembre 2019, 16:12  #5
ELF x64 - Shellcoding - Sheep warmup
Throne6g
Throne6g
  • 9 posts

Thank you so much ! I didn’t know about this security mechanism

Nouvelle réponse Nouvelle réponse   Nouveau sujet Nouveau sujet