.sh - adeptex/CTF GitHub Wiki
https://losfuzzys.github.io/writeup/2017/12/30/34c3ctf-minbashmaxfun/
Command | Description |
---|---|
$(command) |
Command substitution |
$((arithmetic)) |
Arithmetic expansion |
text{a,b,c} |
Brace expansion |
command < file |
STDIN redirection |
command <<< text |
STDIN literal redirection |
$'string with \nn and other \145scapes' |
Dollar-quoted string literals |
$'\52' |
\nn is an octal number of the ASCII char |
${#variable} |
Variable string length |
${!variable} |
Indirect variable expansion |
$# |
Number of parameters to bash |
$$ |
Bash process ID |
$! |
Last process ID |
if [ -d "$DIRECTORY" ]; |
If directory exists |
#include <stdlib.h>
#include <stdio.h>
int puts(const char *s) {
setuid(0);
setgid(0);
return system("/bin/cat flag.txt");
}
#include <string.h>
int strcmp(const char *s1, const char *s2) {
return 0;
}
gcc -fPIC -shared -ldl -o pwn.so pwn.c
LD_PRELOAD=./pwn.so ./binary