This is a very simple overflow challenge, and it still took me a whole day. Why? Because I'm a noob, plain and simple!
Full of confidence, I opened the reversing challenge first and saw it was a driver. What on earth? I immediately dropped that idea without getting anywhere. Luckily, there was an overflow challenge in the system security category.
Alright, enough chatter; bring out the trusty tool, IDA.
Notice the Read_flag_file function, and remember that its address is 0x400824.
Then hit the mighty F5 to decompile.
Oh, it turns out to be a server-side program that calls the Parse_packet function when the length of the received packet exceeds 8.
Step into Parse_packet.
There are several get functions here, which looks suspicious, so click into them and have a look.
Aha, a memcpy call. Nice. The function reads the packet contents and, after a series of checks, writes them into Parse_packet's buffer.
Then, working backwards from the algorithm, construct the following packet:
\x02\x04\x02\x00\x00\x00\x04\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x24\x08\x40\x00
One send, and hey, success!
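As an added illustration, not code from the writeup or from the challenge binary: a C reconstruction of the parser pattern described above, an unchecked memcpy whose copy length comes straight out of the packet, next to a hardened version that validates the length field against the destination buffer and against the bytes actually received. The 4-byte header layout, the 16-byte buffer size, the status codes and the sample packets are all assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed packet layout for this illustration (not the challenge's real format):
 *   byte 0    : message type
 *   byte 1    : version
 *   bytes 2-3 : payload length, little-endian
 *   bytes 4.. : payload, copied into a 16-byte buffer in the parser */
#define HDR_LEN 4
#define BUF_LEN 16

enum parse_status {
    PARSE_OK = 0,
    PARSE_SHORT = 1,      /* fewer bytes than a header */
    PARSE_TOO_LONG = 2,   /* advertised payload would not fit the buffer */
    PARSE_TRUNCATED = 3   /* advertised payload longer than what was received */
};

static uint16_t payload_len_field(const uint8_t *pkt) {
    return (uint16_t)(pkt[2] | ((uint16_t)pkt[3] << 8));
}

/* The shape of the bug the writeup describes: the copy length is taken from the
 * packet as-is, so a length field larger than BUF_LEN runs past the buffer and
 * over whatever sits above it on the stack. Kept only for contrast; the demo and
 * test below never feed it an oversized packet. */
size_t parse_packet_unchecked(const uint8_t *pkt, uint8_t buf[BUF_LEN]) {
    uint16_t n = payload_len_field(pkt);
    memcpy(buf, pkt + HDR_LEN, n);   /* no comparison against BUF_LEN */
    return n;
}

/* Hardened form: bound the copy by the destination size and by the number of
 * bytes actually received, and report which check failed. */
int parse_packet_checked(const uint8_t *pkt, size_t received,
                         uint8_t buf[BUF_LEN], size_t *out_len) {
    if (received < HDR_LEN)
        return PARSE_SHORT;
    uint16_t n = payload_len_field(pkt);
    if (n > BUF_LEN)
        return PARSE_TOO_LONG;       /* the missing check that makes the overflow possible */
    if (n > received - HDR_LEN)
        return PARSE_TRUNCATED;      /* never read past the bytes we were given */
    memcpy(buf, pkt + HDR_LEN, n);
    *out_len = n;
    return PARSE_OK;
}

/* Stand-alone demo on constructed packets. */
int main(void) {
    uint8_t buf[BUF_LEN];
    size_t n = 0;

    /* constructed: a well-formed packet with an 8-byte payload */
    const uint8_t good[] = {0x02, 0x04, 0x08, 0x00, 1, 2, 3, 4, 5, 6, 7, 8};
    /* constructed: header claims a 24-byte payload, more than the buffer holds */
    const uint8_t oversized[] = {0x02, 0x04, 0x18, 0x00, 0};

    printf("good:      status %d, copied %zu bytes\n",
           parse_packet_checked(good, sizeof good, buf, &n), n);
    printf("oversized: status %d, rejected before any copy\n",
           parse_packet_checked(oversized, sizeof oversized, buf, &n));
    return 0;
}
```

The overflow in the challenge works precisely because the comparison against the buffer size is missing from the "series of checks": once the length field is bounded by the destination and by the received byte count, an oversized packet is rejected before memcpy runs. On the monitoring side, a length field that exceeds the parser's buffer size in a single packet is the condition worth alerting on.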
360 CTF preliminary round: overflow challenge