Level 12

About

There is no description available for this level.

OptionSetting
Vulnerability TypeFormat
Position Independent ExecutableNo
Read only relocationsNo
Non-Executable stackYes
Non-Executable heapYes
Address Space Layout RandomisationYes
Source FortificationNo

Source code

#include "../common/common.c"

/*
 * The aim of this level is to redirect code execution by overwriting an entry
 * in the global offset table.
 */

void callme()
{
  printf("Hmmm, how did this happen?\n");
  system("exec /bin/sh");
}

void echo(char *string)
{
  printf("You said, \"");
  printf(string);
  printf("\"\n");
  fflush(stdout);
}

int main(int argc, char **argv, char **envp)
{
  int fd;
  char *p;

  background_process(NAME, UID, GID);  
  fd = serve_forever(PORT);
  set_io(fd);

  printf("Basic echo server. Type 'quit' to exit\n");

  while(1) {
    char input[1024];
    memset(input, 0, sizeof(input));

    fgets(input, sizeof(input)-1, stdin);
    if(strlen(input) == 0 || strncmp(input, "quit", 4) == 0) {
      exit(0);
    }    
    
    if((p = strchr(input, '\r')) != NULL) *p = 0;
    if((p = strchr(input, '\n')) != NULL) *p = 0;

    echo(input);
  }
}