0x0 App - System

lundi 1er janvier 2018, 16:02  #1
App - System - Format string bug basic 1
Lambosan
  • 2 posts

I completed this challenge by brute force.

But I do not want to use this way. I tried debugging (gdb) and the value of the buffer (0xbffffb7c) is "\ 221 \ 205 \ 004 \ bp \ 205 \ 004 \ b0 \ 204 \ 004 \ b". But I no understand what it is. Can anyone explain or point out I was wrong ?


4.png
4.png
 (PNG, 30.7 ko)
dimanche 13 mai 2018, 05:54  #2
App - System - Format string bug basic 1
coconuthead
  • 7 posts

You dumped the contents of the buffer before the call to fgets (or at least it looks like you did). You need to inspect the contents after the call, otherwise it’s just whatever happens to be sitting at the address.

I am not able to do this, however. The fopen call fails when I attempt to debug using gdb. Did you run into this issue ? I observe that fopen fails and, as a result, the FILE* is set to NULL. So then the code attempts to fgets with a NULL pointer, causing a failure.

mercredi 8 août 2018, 20:36  #3
App - System - Format string bug basic 1
X_iled
  • 2 posts

I’m also seeing this. fopen() returns NULL and so fgets fails when I run it in GDB . No such issue when run from the terminal shell. Any clue as to why this happens.


<a class="button tiny radius" href="./?page=forum&amp;id_thread=8050&amp;id_article=768&amp;poster=oui#forum_poster" title="Nouvelle r&eacute;ponse" onclick="load_forum_poster(); return false;" >Nouvelle réponse Nouvelle réponse   Nouveau sujet Nouveau sujet