Message Of The Day | Google CTF 2018

Google CTF 2018

Message Of The Day

From the OffHub router, you jump onto the Google-Haus smart hub. This fully feature assistant of the future that uses machine learning on the blockchain to control all our IoT devices promises it all. It delivers the ability to print a Message-of-the-day. The rest is available as a premium subscription service paid monthly.

$nc motd.ctfcompetition.com 1337

You can find my all CTF solution in here

Attachement file and open server info is like above. I open the motd file in IDA

In the main function inputs taken by getline. If we want to use overflow memory vulnabities we must to search gets() funcition. Luckly, I found that, in the set_motd func. Also, buffer size is 0x100 which means 256 bit. we can use this memory for jump the given adress.

We must the find address of the flag, so that I found the get_admin_motd function and I saw read_flag function.

 

read_flag function opens the ./flag.txt file. It can be flag file I found the address. Now I am try to bruteforce for jump that line.

 

Adress is 00000000606063A5

I use gynvael’s scripts

 

CTF{m07d_1s_r3t_2_r34d_fl4g}

Leave a Reply

Your email address will not be published. Required fields are marked *