SMASH THE STACK LEVEL 5

Categories: Security, tech

still smashing 😀

echo one 😀 let’s see the source code

SMASH THE STACK LEVEL4

Categories: Linux, Security, tech

level 4 😀

so i will read the code

popen to execute whoami

underc0de 3 WalkThrough

Categories: Python, Security, tech, Uncategorized, Web

loaded the virtual machine and run netdiscover to get the machine IP

x.112 is  the target   so let’s see what ports available

apache is on 😀 so let’s brute-force the directory in the server

SMASH THE STACK LEVEL3

Categories: Security, tech

pretty good level I learned a few new stuff so lets hit the game

fighting with the app till it crashes and hell yeah we start from fault 😀 so we need to see what’s going on

SMASH THE STACK LEVEL2

Categories: Security, tech

time to play

let’s read what it says

first function catcher  and it trigger the suid  and drop the bash nice  this is what we want

SMASH THE STACK Level1

Categories: Security, tech

after login to the ssh server levels located on /levels so let’s play  level1

as u notice it had suid permeation  -r-sr-x— for level2  so it will lead us to a user (level2 )

I entered any test number and it leads me with no respond 😀 crazy huh! so I decided to look […]