Programming

Sunday 24 November 2019, 12:35  #1
ELF x64 - Shellcoding - Sheep warmup
Throne6g
Throne6g
  • 9 posts

Hello!

I’m stuck with this challenge. I wrote a shellcode that gives me a shell, however after its execution i have id programmation-ch12 not programmation-ch12-cracked. I execute it on the server after connecting via SSH using pwnlib in the same way as I did in many binary explotations challs. Shellcode is the most common open /bin/sh.

Can someone help me with this please? I do not understand why this is happening.

Sunday 24 November 2019, 13:51  #2
ELF x64 - Shellcoding - Sheep warmup
Th1b4ud
Th1b4ud
  • 1636 posts

Look at this : https://en.wikipedia.org/wiki/Setuid

Monday 25 November 2019, 09:35  #3
ELF x64 - Shellcoding - Sheep warmup
Throne6g
Throne6g
  • 9 posts

Hi!

Of course i know about setuid. This is the problem, this is the SUID binary. However, shellcode that he executes is executed not from the user programmation-ch12-cracked. And I don’t understand, maybe this is due to some kind of my mistake, or the chall is broken.

Monday 25 November 2019, 12:25  #4
ELF x64 - Shellcoding - Sheep warmup
NonStandardModel
NonStandardModel
  • 42 posts

Hello,
the challenge is not broken. I invite you to read this thread:
https://www.root-me.org/?page=forum&id_thread=12931&lang=en
On the other hand, think about what do you really need. Do you really need shell or can you do with less?
NonStandardModel

Monday 25 November 2019, 16:12  #5
ELF x64 - Shellcoding - Sheep warmup
Throne6g
Throne6g
  • 9 posts

Thank you so much! I didn’t know about this security mechanism

New reply New reply   New topic New topic