├── build.sh ├── hacked ├── hacked.c ├── password ├── secrets.c └── secrets.h /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | sudo apt install gcc-multilib 4 | gcc -o hacked hacked.c secrets.c -fno-stack-protector -m32 -no-pie 5 | -------------------------------------------------------------------------------- /hacked: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lowleveltv/secure-server-stuff/057410f185b868f6ed18a4eb155f753d5f49d26e/hacked -------------------------------------------------------------------------------- /hacked.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include "secrets.h" 4 | 5 | void debug() 6 | { 7 | printf("!! ENTERING DEBUG MODE !!\n"); 8 | system("/bin/bash"); 9 | } 10 | 11 | int checkPassword() 12 | { 13 | char password[64]; 14 | 15 | printf("password: "); 16 | gets(password); 17 | 18 | return isValidPassword(password); 19 | } 20 | 21 | int main(int argc, char **argv) 22 | { 23 | printf("WELCOME TO THE SECURE SERVER\n"); 24 | 25 | if (checkPassword()) 26 | { 27 | debug(); 28 | } else { 29 | printf("Wrong password, sorry;\n"); 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /password: -------------------------------------------------------------------------------- 1 | too_kool_4_skool 2 | -------------------------------------------------------------------------------- /secrets.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | int isValidPassword(char *input) 9 | { 10 | char actual_password[1024]; 11 | int fd = open("./password", O_RDONLY); 12 | if (fd < 0) 13 | { 14 | perror("read"); 15 | printf("Report this to an admin\n"); 16 | return 0; 17 | } 18 | 19 | ssize_t n_read = read(fd, actual_password, 1024); 20 | if (actual_password[n_read-1] == 0xa) 21 | { 22 | actual_password[n_read-1] = 0x0; 23 | } 24 | close(fd); 25 | 26 | return (strcmp(actual_password, input) == 0); 27 | } 28 | -------------------------------------------------------------------------------- /secrets.h: -------------------------------------------------------------------------------- 1 | int isValidPassword(char *input); 2 | --------------------------------------------------------------------------------