Hello hackers! Hope you are all doing well today. Now that we have done stack-2, we will move on to stack3.
SOURCE CODE:
On analysing the code, we can immediately tell that the value we need to change is in the modified variable. We just need to overflow the buffer and give the new value for modified in little-endian format. But the actual problem is: how are we going to inject our payload?
/opt/protostar/bin/stack3:
So the program says to set an environment variable. But first, what is an environment variable?
These are the system's environment variables. According to Google, an environment variable is a variable whose value is set outside the program.
So it seems we have to set a value to our environment variable ‘GREENIE’. We can do so by the following method.
GREENIE=hacker(anything)
export GREENIE
Clearly, our output value has changed. Now we will inject our payload in the same manner, but instead of something random we will give the payload:
GREENIE=`(python -c 'print "A"*64 + "\x0a\x0d\x0a\x0d"')`
export GREENIE
Things we have to remember are:
- We are assigning the output of a command to the environment variable, so the command has to be wrapped in command substitution, using either the “$” form, $( ), or backticks “`”.
- Remember not to put any spaces between GREENIE and the “=” symbol, as the shell will then no longer treat it as a variable assignment and will give you an error message.
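Why the four bytes after the 64 "A"s end up as the value of modified, and what a bounds check changes, as an added example (not the challenge's source code). It assumes the 64-byte buffer sits directly below modified and that GREENIE is copied with an unchecked strcpy-style copy; `struct frame`, `copy_unchecked` and `copy_checked` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_LEN 64

/* Assumed layout: 64-byte buffer directly below the 4-byte `modified`.
 * One array models both, so the overflow is simulated in bounds. */
struct frame { unsigned char mem[BUF_LEN + 4]; };

/* Read `modified` the way little-endian x86 does: lowest byte first. */
static uint32_t read_modified(const struct frame *f)
{
    const unsigned char *p = f->mem + BUF_LEN;
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* strcpy()-style copy: the input alone decides how much is written
 * (clamped to the model so the simulation itself stays defined). */
static uint32_t copy_unchecked(struct frame *f, const char *src)
{
    size_t n = strlen(src);
    memset(f->mem, 0, sizeof f->mem);
    memcpy(f->mem, src, n > sizeof f->mem ? sizeof f->mem : n);
    return read_modified(f);
}

/* Hardened copy: reject input that does not fit with its terminator. */
static int copy_checked(struct frame *f, const char *src)
{
    size_t n = strlen(src);
    memset(f->mem, 0, sizeof f->mem);
    if (n >= BUF_LEN)
        return -1;
    memcpy(f->mem, src, n + 1);
    return 0;
}

int main(void)
{
    struct frame f;
    const char *v = getenv("GREENIE");
    if (v == NULL) { fputs("please set GREENIE\n", stderr); return 1; }
    printf("unchecked: modified = 0x%08x\n", (unsigned)copy_unchecked(&f, v));
    printf("checked:   %s\n", copy_checked(&f, v) ? "rejected" : "accepted");
    return 0;
}
```

With the payload above exported in GREENIE, the unchecked copy reports 0x0d0a0d0a while the checked copy rejects the input and leaves modified at zero.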
So that is going to be the end of stack2. More is yet to be released; until then, take care, bye bye :).