SHOW:
|
|
- or go back to the newest paste.
1 | ; Dr Gareth Owen, University of Greenwich, England. | |
2 | ; Explanation: http://gchqchallenge.blogspot.com | |
3 | ||
4 | // licence file to contain | |
5 | // gchqcyberwinAAAABBBBCCCC | |
6 | int main(int argc, char **argv) { | |
7 | char buf[0x18]; | |
8 | long *longPtr = NULL; | |
9 | ||
10 | if(argc != 1) | |
11 | { | |
12 | // display usage and exit | |
13 | } | |
14 | ||
15 | memset(buf, 0, 0x18); // clear buffer | |
16 | ||
17 | FILE *in = fopen("license.txt", "r"); | |
18 | fscanf(in, "%s", buf); // buffer overflow vulnerability - tut tut! | |
19 | fclose(in); | |
20 | ||
21 | &longPtr = &buf; | |
22 | if(*longPtr != 0x71686367) // first 4 bytes = 'gchq'? | |
23 | { | |
24 | // error & exit | |
25 | } | |
26 | ||
27 | if(strcmp(crypt(buf[4], "hq"), "hqDTK7b8K2rvw")) { //hash next 8 bytes and compare with our hash | |
28 | // invalid code - exit | |
29 | } | |
30 | ||
31 | ||
32 | // everything has checked out - construct URL | |
33 | // of format /hqDTK7b8K2rvw/XX/XX/XX/key.txt | |
34 | - | } |
34 | + | |
35 | // connect to hostname supplied on command line | |
36 | ||
37 | } | |
38 | ||
39 |