🌌
N/B Writeups
  • CTF Writeups
  • CTFs
    • 2019
      • OverTheWire Advent
    • 2020
      • Midnight Sun
      • Things I learned from DarkCTF
  • Pwnable.kr
    • 01 - fd
    • 02 - col
    • 03 - bof
    • 04 - flag
    • 05 - passcode
    • 06 - random
    • 07 - input
    • 08 - leg
    • 09 - mistake
    • 10 - Shellshock
    • 11 - coin1
    • 12 - blackjack
    • 13 - lotto
    • 14 - cmd1
    • 15 - cmd2
    • 16 - uaf
    • 17 - memcpy
    • 18 - asm
    • 20 - blukat
    • 21 - horcruxes
    • 33 - echo1
    • 34 - echo2
    • 43 - coin2
  • More Pwn
    • Protostar - format4
  • Lord of SQLI
    • Lord of SQLI
Powered by GitBook
On this page
  • The Challenge
  • The Solution

Was this helpful?

  1. Pwnable.kr

09 - mistake

Previous08 - legNext10 - Shellshock

Last updated 4 years ago

Was this helpful?

The Challenge

We all make mistakes, let's move on. (don't take this too seriously, no fancy hacking skill is required at all)

This task is based on real event, Thanks to dhmonkey.

hint: operator priority

ssh mistake@pwnable.kr -p2222 (pw:guest)

The Solution

As the hint suggests the problem lies in the operator priority.

The file "password" opens successfully, but the file descriptor is larger than 0, so the equasion will evaluate to false (0). now that the file descriptor is STDIN we can provide the right input. We used "BBBBBBBBBB" and "CCCCCCCCCC".