    curl https://samsclass.info/127/proj/p4x-server1.c > p4x-server1.c
    curl https://samsclass.info/127/proj/p4x-server1 > p4x-server1
    chmod a+x p4x-server1
    ./p4x-server1
In a new Terminal window, execute this command:
    nc 127.0.0.1 4010
You see a prompt. Enter HELLO. It's echoed back to you, as shown below.
Exploit this server so that you get a remote shell, as shown below.
YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!
Save the image with the filename "YOUR NAME Proj 4xa", replacing "YOUR NAME" with your real name.
    curl https://samsclass.info/127/proj/p4x-server2 > p4x-server2
    chmod a+x p4x-server2
    ./p4x-server2
In a new Terminal window, execute this command:
    nc 127.0.0.1 4020
You see a prompt. Enter HELLO. It's echoed back to you.
Exploit this server so that you get a remote shell, as shown below.
Hint: You'll need to add 100 bytes of padding AFTER the exploit and BEFORE the injected $eip, as demonstrated in this video.
YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!
Save the image with the filename "YOUR NAME Proj 4xb", replacing "YOUR NAME" with your real name.
    nc attack32direct.samsclass.info 4030
If you'd like a local copy of the server binary to analyze, use this command:
    curl https://samsclass.info/127/proj/p4x-server3-500 > p4x-server3-500
Exploit this process and get a shell on the server. Then put your name in this file:
    /home/p4x/winners
Create this file:
    /home/p4x/updatenow
After one minute, your name will appear on the WINNERS page here:
    http://attack32direct.samsclass.info/winners.html
NOTES:
Troubleshooting
If your exploit fails, it might be that the port is in use. You can check the local network connections at this page: http://attack32direct.samsclass.info/netstat.htm
That page is updated every 5 seconds.
If you kill the server, it will restart after one minute.
There are two other identical servers running on ports 4040 and 4050.
Every 15 minutes, all three servers are restarted.
Capture a full-screen image.
YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!
Save the image with the filename "YOUR NAME Proj 4xc", replacing "YOUR NAME" with your real name.