What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.


Hack This Site! - Extbasic 1


Over and Over?

Level 1

You have to give input to a C program which gives you the length of the string. How would you crash it?
here is the function:

void blah(char *str)
         char lol[200];
         strcpy(lol, str);

  1. This program utilizes the strcpy function call. And since the limited length of the character string is 200, we could input a string with length greater than 200 to crash the C program.
  2. Input '111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111' and check.
  3. It's done!