I solved this challenge with my teammate @javierprtd. Category: Exploiting. Points: 150. Binary: time_is. By executing the binary, we can see.
1 2 3 4 5 6 7 8 9 |
$ ./time_is Enter time zones separated by whitespace or q to quit hola hola: 05:54 Enter time zones separated by whitespace or q to quit %x.%x.%x.%x.%x.%x.%x.%x.%x 5.66666667.70a3d70b.2ce33e7.e40.bac364a0.350c30aa.2400010.78: 05:54 Enter time zones separated by whitespace or q to quit |
Well, format string vulnerability found The binary read from stdin using __getlimit function, and the unique limiter is ‘\n’.
1 |
v3 = __getdelim(&lineptr, &n, 10, stdin); |
The __printf_chk function is used for printing in stdout and checking if the […]