Narnia is a wargame from the overthewire
This wargame is for the ones that want to learn basic exploitation. You can see the most
common bugs in this game and we’ve tried to make them easy to exploit. You’ll get the
source code of each level to make it easier for you to spot the vuln and abuse it. The
difficulty of the game is somewhere between Leviathan and Behemoth, but some of the
levels could be quite tricky.
I will share each challenge day by day for beginner who want to learn basic exploitation.
Let’s start with 0 level.
Login with ssh
Let’s look at the source code
as a source code , we need to change the value
AAAA in hex) to
Lets find the offset from the stack to reach the value
set the breakpoint at before
scanf function and after function because that function scan our input and compare with
0xdeadbeef. If match ,we get the shell.
As we see here is our value
0x41414141 . Let’s find our input
continues it and input some character
As red lines we need 20 bytes to overwrite
0xdeadbeef. First we need to create oneline python script with 20
B (whatever you want) to reach
0x41414141 value and then to overwrite
0x41414141 , we will add another 4 bytes in the end which is
0xdeadbeef. But we need to change our
0xdeadbeef value to little endian like below
but we didn’t get shell . To get a shell we can use
cat command in our one line script like this
(python -c 'print "B" *20 + "\xef\xbe\xad\xde"' ;cat) | ./narnia0
Thanks for reading,
Narnia1 writeup will be soon.