ProHoster > Блог > Gudanarwa > Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux
A cikin wannan labarin za mu warware aikin 25th daga shafin mai yiwuwa.kr.

bayanin kungiyaMusamman ga masu son koyon wani sabon abu da haɓaka ta kowane fanni na bayanai da tsaro na kwamfuta, zan yi rubutu da magana game da waɗannan nau'ikan:

  • PWN;
  • cryptography (Crypto);
  • fasahar sadarwa (Network);
  • baya (Reverse Engineering);
  • steganography (Stegano);
  • bincike da amfani da raunin WEB.

Bugu da kari, zan raba gwaninta a cikin binciken kwamfyuta, malware da bincike na firmware, hare-hare kan cibiyoyin sadarwa mara waya da cibiyoyin sadarwa na yanki, yin amfani da rubutu da rubutu.

Domin ku sami sabbin labarai, software da sauran bayanai, na ƙirƙira Telegram channel и group domin tattauna duk wata matsala a cikin IIKB. Hakanan buƙatunku na sirri, tambayoyi, shawarwari da shawarwari Zan duba in ba kowa amsa..

An bayar da duk bayanan don dalilai na ilimi kawai. Marubucin wannan takarda ba shi da alhakin duk wani lahani da aka yi wa kowa sakamakon amfani da ilimi da hanyoyin da aka samu a sakamakon nazarin wannan takarda.

Magance aikin otp

Mu ci gaba da kashi na biyu. Zan ce nan da nan cewa ya fi na farko wahala, amma a wannan karon ba su ba da lambar tushe na shirin ba. Kar a manta tattaunawar anan (https://t.me/RalfHackerPublicChat) kuma a nan (https://t.me/RalfHackerChannel). Mu fara.

Danna gunkin tare da sa hannu otp. Ana ba mu adireshi da tashar jiragen ruwa don haɗi zuwa.

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Muna haɗi kuma muna duban sabar.

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Tutar da ba za mu iya karantawa ita ce shirin da lambar tushe. Bari mu ga tushen.

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Mu karba. Shirin yana ɗaukar kalmar sirri a matsayin hujja.

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Bugu da ari, bazuwar bytes 16 ana adana su a cikin m otp.

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

An ƙirƙiri fayil mai suna bazuwar a cikin tmp folder (na farko 8 bytes ne otp) kuma ana rubuta masa bazuwar 8 bytes (na biyu 8 bytes ne otp).

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Don wasu dalilai, ana karanta darajar fayil ɗin da aka ƙirƙira kuma ana kwatanta shi da kalmar sirri da aka shigar.

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Akwai rauni a nan. Ya ƙunshi matsakaiciyar ajiyar lambar da aka ƙirƙira zuwa fayil. Za mu iya iyakance girman fayil, misali, zuwa 0, sannan lokacin rubutawa da karantawa, 0 za a kwatanta shi da kalmar sirri. Kuna iya yin shi kamar haka.

# ulimit -f 0

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Yanzu bari mu gudanar da shirin.

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Muna samun kuskure. Ba komai, ana iya sarrafa shi ta amfani da Python iri ɗaya.

python -c "import os, signal; signal.signal(signal.SIGXFSZ, signal.SIG_IGN); os.system('./otp 0')"

Magance aikin tare da pwnable.kr 25 - otp. Iyakar girman fayil ɗin Linux

Muna samun tuta da maki 100 mai sauƙi. Kuma za mu ci gaba: a cikin labarin na gaba za mu tabo kan Yanar Gizo. Kuna iya shiga mu a sakon waya.

source: www.habr.com

Add a comment