Skip to content

Intruded nº2

Now that we succeeded the first level, let’s go for the second one.

Once connected to the second level you see this :

let’s see the available files and directories :

Let’s explore a bit further :

and a bit further

Finally, a wargame folder

Let’s run the small program :

Let’s use GDB how the software compare the string :

Let’s disassemble the main function :

as we can see :

this is the interesting part, let’s make a break point on the call and analyse it with x/x

We should definitely print the stack :

This looks like our answer

We might (Not always) conclude that the password is only 3 chars, let’s continue the exploration :

Got it …

And see what happens :

anyway another solution could have been to use the ltrace command:

let’s go to the next level 😉

Post a Comment

Your email is never published nor shared. Required fields are marked *