Skip to main content

About

There is no description available for this level. Investigate the source code and see what you can find out!

Vulnerability Type Stack
Position Independent Executable No
Read only relocations No
Non-Executable stack Yes
Non-Executable heap Yes
Address Space Layout Randomisation Yes
Source Fortification No

Source code

(level12.c) download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#include "../common/common.c"

/*
 * The aim of this level is to redirect code execution by overwriting an entry
 * in the global offset table.
 */

void callme()
{
  printf("Hmmm, how did this happen?\n");
  system("exec /bin/sh");
}

void echo(char *string)
{
  printf("You said, \"");
  printf(string);
  printf("\"\n");
  fflush(stdout);
}

int main(int argc, char **argv, char **envp)
{
  int fd;
  char *p;

  background_process(NAME, UID, GID); 
  fd = serve_forever(PORT);
  set_io(fd);

  printf("Basic echo server. Type 'quit' to exit\n");

  while(1) {
      char input[1024];
      memset(input, 0, sizeof(input));

      fgets(input, sizeof(input)-1, stdin);
      if(strlen(input) == 0 || strncmp(input, "quit", 4) == 0) {
          exit(0);
      }        
      
      if((p = strchr(input, '\r')) != NULL) *p = 0;
      if((p = strchr(input, '\n')) != NULL) *p = 0;

      echo(input);
  }
}