Username: 
Password: 
Restrict session to IP 
Questions  |  score: 4  |  4.29 5.64 6.82 |  Solved By 375 People  |  69797 views  |  since Mar 24, 2012 - 01:30:23

Choose your Path II (Linux, Exploit, Warchall)

Choose your Path II
This is the level11 mini challenge found in /home/level/11/ on the warchall box.
The sequel to Choose your Path.
You can view the source here.

Proudly presented by Mart and the warchall staff.
GeSHi`ed C code for choose_your_path2.c
1
2
3
4
56
7
8
9
1011
12
13
14
1516
17
18
19
2021
22
23
24
2526
27
28
29
3031
32
33
34
3536
37
38
39
4041
42
43
44
4546
47
48
49
5051
52
53
54
5556
57
58
59
6061
62
63
64
6566
67
68
69
7071
72
73
74
7576
77
78
79
8081
82
83
84
8586
87
88
89
9091
92
93
94
9596
97
98
99
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h> 
#define BUFSIZE 256
 
int escape_single_quotes(char *to, char *from, int max)
{  int l= 0;
 
  for (;*from;from++)
  {
    switch (*from)    {
      case '\'':
        if (l>=max-4) return 0; // not enough space for escaped chars!
// replace ' with '\''
        *(to++)= '\'';        *(to++)= '\\';
        *(to++)= '\'';
        l += 3;
      default:
        if (l>=max-1) return 0; // not enough space for this char!        *(to++)= *from;
        l++;
    }
  }
   *to= 0;
 
  return 1;
}
 int main(int argc, char *argv[])
{
  FILE *fp;
  char buf[BUFSIZE];
  char escaped_name[BUFSIZE];  char *filename;
  int lines, chars, cpl;
 
  setregid(1012, 1012); // set real and effective GID to level11
   if (argc != 2)
  {
    fprintf(stderr, "Usage: %s filename\n", argv[0]);
    exit(EXIT_FAILURE);
  }  
  filename= argv[1];
  printf("Counting %s ... \n", filename);
 
  if (!escape_single_quotes(escaped_name, filename, BUFSIZE))  {
    fprintf(stderr, "Escaped filename is too long!\n");
    exit(EXIT_FAILURE);
  }
   if (snprintf(buf, BUFSIZE, "wc -l '%s'", escaped_name)>=BUFSIZE)
  {
    fprintf(stderr, "Filename %s is too long!\n", filename);
    exit(EXIT_FAILURE);
  } 
  fp= popen(buf, "r");
  if (!fp)
  {
    fprintf(stderr, "Command execution failed! Sorry!\n");    exit(EXIT_FAILURE);
  }
  if (1!=fscanf(fp, "%d", &lines))
  {
    fprintf(stderr, "Cannot scan! Sorry!\n");  }
  pclose(fp);
 
  snprintf(buf, BUFSIZE, "wc -c '%s'", escaped_name);
  fp= popen(buf, "r");  if (!fp)
  {
    fprintf(stderr, "Command execution failed! Bummer!\n");
    exit(EXIT_FAILURE);
  }  if (1!=fscanf(fp, "%d", &chars))
  {
    fprintf(stderr, "Cannot scan! Sorry!\n");
  }
  pclose(fp); 
  cpl= chars/lines;
 
  printf("Chars per line is %d.\n", cpl);
   return EXIT_SUCCESS;
}
 
 
Your solution for Choose your Path II
Answer
© 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 and 2024 by Mart and gizmore

Say *NO* to advertisements!