Protostar Walkthrough Stack — 2
Welcome Back :)
Hope you have checked out my previous blog on Stack 0 and Stack 1. If not, do check them out as I have explained the basic concepts of the Stack and Little-endian format.
This challenge is based on setting an environment variable. The source code is given below:
Let us try to analyze the code. We can see the “variable” is having a function getenv(). This function gets the environment variables.
For now, keep environment variables as the variables in your terminal or shell.
Pretty simple right! Now, let us start analyzing further. The vulnerable command here is strcpy. and the if(modified == 0x0d0a0d0a) is the bypass .
So again, as we did in the previous challenge we modify the “modified” variable by using the environment variable.
A pretty straightforward exploit. Just fill up the buffer and overwrite the “modified” variable in the Little-endian format. Don’t forget to export your environment variable.
The next challenge will be posted soon! Until then, goodbye!
