This challenge is pretty much the same as the previous challenge, except that the buffer comes from an environmental variable. #include <stdlib.h> #include <unistd.h> #include <stdio.h> #include <string.h> int main(int argc, char **argv) { volatile int modified; char …

This challenge is very similar to the previous one. The main difference is that instead of just validating that the “modified” value was changed, it validates that it was changed to a specific value, 0x61626364, or “dcba” in ASCII. #include <stdlib.h> #include …

I’m still working on the Nebula chain of challenges, however, I’ve been stuck on Nebula 11 for a bit now, as well as busy outside work. In the meantime, I still have other challenges that can be solved while I learn how to do more advanced ones. Protostar is another challenge made by …

Challenge 10 is another nostalgic one for me. Back when I was first starting with linux, I remember reading about overflows and race conditions. This challenge is the latter, a race condition. We’re given a C/C++ app to exploit: #include <stdlib.h> #include <unistd.h> #include …

Challenge 09 gave me the most issues out of any other challenge so far. This may just be because I haven’t touched PHP since version 3 was just coming out. However, it is based on a dangerous function, known as preg_replace(). There are several more dangerous functions, some of which can be …

Challenge 08 is more of a real-world challenge than some of the others have been. It’s also very dear to my heart, getting back to my networking roots. You are instructed simply to check out what the level08 user has been up to. This is fairly easy, since when you login as level08, you see a …