tag:blogger.com,1999:blog-363901370178199333.post2517389420843163126..comments2023-04-22T21:34:03.168+02:00Comments on Binary world for binary people :): [Wargame] Shell-Storm August 2010m_101http://www.blogger.com/profile/04511118411760397645noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-363901370178199333.post-26671774315692999842012-02-24T08:08:15.983+01:002012-02-24T08:08:15.983+01:00It's simpler than that! Much simpler.
Level 1...It's simpler than that! Much simpler.<br /><br />Level 1: Look at the string compare functions.<br />Level 2: simple buffer overflow<br />Level 3 you don't need to overflow anything, just 'sneak' around the character check by using back ticks to insert the escape (i.e. semicolon) to execute the command you want.<br />Level 4: There's a way to sneak '/../s' in there.<brAnonymousnoreply@blogger.com