Exercises

Practice on exercises at https://intra.forge.epita.fr/.

Please try to understand the code of the exercise first, and do it by yourself.
When you are really blocked, then check the hints.
Finally, if you still cannot do the exercise, ask the teacher.

Simple exercise

ret2win-basic

Hints 🗺

Hint 1

Have you seen that the buffer size changed ?

Hint 2

How many bytes do we need now to overwrite the return address ?

Hint 3

How many bytes were added to the buffer size ?

Which function

Hints 🗺

Hint 1

What changed from the previous challenge ?

Hint 2

Did you check the function names ?

Hint 3

No more hints, good luck 😜

Harder exercises

Limited space

Hints 🗺

Hint 1

man read

Hint 2

Where are you returning to ?

Hint 3

How much space do you have ?

Hint 4

How are addresses stored in memory ? Check this

Allo 1 2 3

There are 2 solutions for this challenge:

natural one (intended solution)
hacky one (a bit more difficult)

Hints 🗺 (solution 1)

Hint 1

Besides changing the return address, what else should you change ?

Hint 2

How should the stack look ? Check this if you forgot

Hints 🗺 (solution 2)

Hint 1

How do you bypass the check ?

Hint 2

How does a call to execl() look like ? Use gdb and step through.

Exercises

Simple exercise​

ret2win-basic​

Which function​

Harder exercises​

Limited space​

Allo 1 2 3​

Simple exercise

ret2win-basic

Which function

Harder exercises

Limited space

Allo 1 2 3