Handy-Shellcode | picoCTF 2019 | Done By Ishara Abeythissa

Ishara Abeythissa
2 min readOct 5, 2019

--

done by Ishara Abeythissa

Hey everyone welcome to the latest picoCTF 2019 challenges in this year started at September 27. And still having very very competitive situation inside the arena. So I started doing challenges here and i found pretty cool challenge called handy-shellcode. first of first Let’s see whats going on :)

Handy Shell-code Challenge

As you can see they provide us vulnerable binary file and source code of it. So let’s download it and review the code.

Source Code of Vulnerable APP

First of first I refer main function and inside the main function you can see developer create buff array with char type and after the first argument the buff variable send to the vuln function with stored user input. if you read my previous articles related to buffer overflow gets and puts functions allow to buffer overflow inside the memory. so now all are cleared. now we need to find shellcode to give as input.

shellcode — \x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x89\xc1\x89\xc2\xb0\x0b\xcd\x80\x31\xc0\x40\xcd\x80

you can use this shell-code and print it with python :).

shell-code results

according to above image shell code successfully execute inside the vuln application. now we need to execute this inside the pico shell. let’s create python payload for this.

python script

you can take this script in below link

Link — https://github.com/ishara1995/picoCTF2019

Now let’s run the script :)

BOOOOOM TIME

hope you enjoy. keep in touch for more than amazing challenges will be soon. Happy Hacking :)

--

--