_posts/2014-05-19-defcon-2014-quals--shitsco.md
+2
@@ -69,6 +69,8 @@ Enable seems not too exciting, though it does appear to set an admin bit.
69
69
70
70
Notably, their read_input function doesn't properly null terminate strings, so sometimes we can get a few bytes of stack data out of the %s on printf. Unfortunately, this turns out to be completely worthless.
71
71
72
+
[addendum] I later realized that this IS useful, I knew I was reading the result of strcmp, but was lazy and didn't think about the fact that strcmp tells you WHERE the difference starts, so you can trivially brute force the password only 1 character at a time. This would've also worked.
73
+
72
74
On to the other odd looking features of 'set' and 'show'.
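Review bot: The addendum added at new line 72 says strcmp "tells you WHERE the difference starts", but strcmp returns no offset, only a value whose sign (on some implementations, the byte difference) reflects the first mismatching byte. Reword it to say that the leaked return value shows whether the guess sorts below or above the password at the first mismatch, which is what makes recovery one character at a time possible. The context line just above still ends with "this turns out to be completely worthless", which now contradicts the addendum, so consider amending that sentence or pointing it at the addendum.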