SHOW:
|
|
- or go back to the newest paste.
| 1 | ; Dr Gareth Owen, University of Greenwich, England. | |
| 2 | ; Explanation: http://gchqchallenge.blogspot.com | |
| 3 | ||
| 4 | // licence file to contain | |
| 5 | // gchqcyberwinAAAABBBBCCCC | |
| 6 | int main(int argc, char **argv) {
| |
| 7 | char buf[0x18]; | |
| 8 | long *longPtr = NULL; | |
| 9 | ||
| 10 | if(argc != 1) | |
| 11 | {
| |
| 12 | // display usage and exit | |
| 13 | } | |
| 14 | ||
| 15 | memset(buf, 0, 0x18); // clear buffer | |
| 16 | ||
| 17 | FILE *in = fopen("license.txt", "r");
| |
| 18 | fscanf(in, "%s", buf); // buffer overflow vulnerability - tut tut! | |
| 19 | fclose(in); | |
| 20 | ||
| 21 | &longPtr = &buf; | |
| 22 | if(*longPtr != 0x71686367) // first 4 bytes = 'gchq'? | |
| 23 | {
| |
| 24 | // error & exit | |
| 25 | } | |
| 26 | ||
| 27 | if(strcmp(crypt(buf[4], "hq"), "hqDTK7b8K2rvw")) { //hash next 8 bytes and compare with our hash
| |
| 28 | // invalid code - exit | |
| 29 | } | |
| 30 | ||
| 31 | ||
| 32 | // everything has checked out - construct URL | |
| 33 | // of format /hqDTK7b8K2rvw/XX/XX/XX/key.txt | |
| 34 | - | } |
| 34 | + | |
| 35 | // connect to hostname supplied on command line | |
| 36 | ||
| 37 | } | |
| 38 | ||
| 39 |
