Exploit Exercises Nebula Level 13 - SemilleroSeguridadInformatica/Sem-Security GitHub Wiki
There is a security check that prevents the program from continuing execution if the user invoking it does not match a specific user id.
To do this level, log in as level13 account with the password level13. Files for this level can be found in /home/flag13.
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <sys/types.h>
#include <string.h>
#define FAKEUID 1000
int main(int argc, char **argv, char **envp)
{
int c;
char token[256];
if(getuid() != FAKEUID) {
printf("Security failure detected. UID %d started us, we expect %d\n", getuid(), FAKEUID);
printf("The system administrators will be notified of this violation\n");
exit(EXIT_FAILURE);
}
// snip, sorry :)
printf("your token is %s\n", token);
}