Codegate CTF 2019
签到题
base85一把梭
KingMaker
20000
给了20k个.so文件, 然后用一个程序去调用, 分类一波以后一共如下四种:
- filter1
过滤了;, *, |, &, $, `, >, <, r - filter2
过滤了v, m, p, d, n, bin, sh, bash, f, l, g - test1
memset(&buf, 0, 0x30uLL);
v2 = 0;
puts("This is lib_100 file.");
puts("How do you find vulnerable file?");
read(0, &buf, 0x32uLL);
system("exit"); - test2
用filter1和filter2过滤后, 执行system(“ls \”input\”)
看起来似乎是命令注入