digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 19:58:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

randomise salt for metactf ase challenges

Browse Source
This commit is contained in:
Z. Cliffe Schreuders
2021-02-17 12:24:43 +00:00
parent 184687d0eb
commit 1d32d7bebc
17 changed files with 19 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch1-2/Ch2_03_IntOverflow/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3-ExtraFormatStr/Ch3_Format0_Leak/build.zsh
View File

@@ -1,6 +1,6 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3-ExtraFormatStr/Ch3_Format1_LeakDollar/build.zsh
View File

@@ -1,6 +1,6 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3-ExtraFormatStr/Ch3_Format2_nCorruptKey/build.zsh
View File

@@ -1,6 +1,6 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3-ExtraFormatStr/Ch3_Format3_nWriteKey/build.zsh
View File

@@ -1,6 +1,6 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3-ExtraFormatStr/Ch3_Format4_nWriteFnP/build.zsh
View File

@@ -1,6 +1,6 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

4
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3-ExtraFormatStr/Ch3_Format5_nTargetWrite/build.zsh
View File

@@ -1,13 +1,13 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)
mkdir -p obj/$USER
HASH=`echo $USER $SALT $BINNAME | sha256sum | awk '{print $1}' | cut -c 1-2 | tr \[a-f\] \[A-F\]`
AA=`echo "ibase=16;$HASH+20" | bc`
BB=`echo $USER $SALT $BINNAME | openssl dgst -sha512 -binary | base64 | head -1 | tr -d /=+ | cut -c 1-3 | xxd -p | sed s/0a$/5a/`
BB=`echo $USER $SALT $BINNAME | openssl dgst -sha512 -binary | base64 | head -1 | tr -d /=+ | cut -c 1-3 | xxd -p | sed s/0a$/5a/`
cat program.c.template | sed s/AAAAAA/$AA/ >! program.c
gcc -m32 -Wformat=0 -Wl,--section-start=.bss=0x$BB -o obj/$USER/$BINNAME program.c
end

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3-ExtraFormatStr/Ch3_Format6_PLTHijack/build.zsh
View File

@@ -1,6 +1,6 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3.6-3.7/Ch3_07_ParamsRegs/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3.6-3.7/Ch3_07_ParamsStack/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3.6-3.7/Ch3_07_SegvBacktrace/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3.7-3.9/Ch3_07_CanaryBypass/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3.7-3.9/Ch3_07_HijackPLT/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3.7-3.9/Ch3_07_ScanfOverflow/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/Ch3.7-3.9/Ch3_07_StackSmash/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

2
modules/utilities/unix/ctf/metactf/files/repository/src_sse/SSE/Ch_BashInjection_1/build.zsh
View File

@@ -1,5 +1,5 @@
#!/bin/zsh
SALT=`date +%g`
SALT=`date +%N`
if [[ ARGC -gt 0 ]] then
BINNAME=`basename $PWD`
foreach USER ($@)

11
modules/utilities/unix/ctf/metactf/files/repository/src_sse/SSE/Ch_BashInjection_1/program.c.template
View File

@@ -1,19 +1,12 @@
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
int main() {
char name [20];
char command [100];
printf("This challenge has no password -- you need to exploit a weakness to access the flag\n");
printf("A program is vulnerable to command injection if you can change "
"the behaviour of software by inserting commands into input that get "
"interpreted as commands for the program to execute.\n"
"Hint: the input string is surrounded by quotes.\n\n");
printf("A program is vulnerable to command injection if you can change the behaviour of software by inserting commands into input that get interpreted as commands for the program to execute.\n\n");
printf("What is your name?\n");
scanf("%19[^\n]s", &name);
sprintf(command, "echo Hello '%s'; echo The time is "
sprintf(command, "echo Hello %s; echo The time is "
"currently:; date", name);
setregid(getegid(),getegid());
system(command);
}