Exploit Exersizes Nebula Level 01

6 Feb

After completing Nebula level 00, I’ve finally had time to move to Level 01, and give it some thought.

In level01 you’re given a short code example, and asked to exploit it. After looking at the code for a short period, it was clear that the issue was in the line:

system("/usr/bin/env echo and now what?");

I’m not a C programmer, so I had to look up the other stuff, but when I realized that echo was not an explicit path, it was clearly simple that it was the exploit.

To exploit this I did the following:


In /home/flag01 I created a script named echo, with the following content:



Make the script executable with chmod +x, then run /home/flag01/flag01:

level01@nebula:~$ chmod +x echo 
level01@nebula:~$ /home/flag01/flag01 
flag01@nebula:~$ getflag
You have successfully executed getflag on a target account

Now onto Nebula Level02 when I have some time


I am ben kevan.. Well yeah. .that's about it.

One thought on “Exploit Exersizes Nebula Level 01

  1. Pingback: Exploit Exersizes Nebula Level 02 | Free Techie Blog

Leave a Reply

Your email address will not be published. Required fields are marked *