OverRide is a explore disassembly, binary exploitation & reverse-engineering through 10 little challenges.
In the folder for each level you will find:
See the subject for more details.
Getting Started
First download from 42 OverRide.iso.
Virtual Machine setup
On Mac OSX, install VirtualBox.
In VirtualBox create a new VM (click new).
Continue through all the next steps with the default settings:
Next click Settings > Network > Adapter 1 > Attached to: Bridged Adapter.
Still in settings click Storage > Right of “Controller: IDE”, there is a CD icon with a + sign (add optical drive). Click Add Disk Image, and select OverRide.iso.
Click Start to start the VM, once runnning it should show the VM IP address and prompt user to login.
SSH connect
Log in from a separate shell as user level00 with password level00.
ssh level00@{VM_IP} -p 4242
Level Up
As user level00 the goal is to read the password for user level01, found at /home/users/level01/.pass. However, user level00 does not have permissions to read this file.
In the home folder for user level00 is a binary level00 with SUID set and owner level01.
This means when we execute the binary level00, we do so with the permissions of user level01.
We must find a vulnerability in the binary level00 with gdb. Then exploit the vulnerability to run system(“/bin/sh”), opening a shell as user level01 where we have permissions to read the password.
cat /home/users/level01/.pass
Then log in as user level01.
su level01
Repeat for each level.
Reverse-engineered binary
For each level, we reverse engineered the original source.c by examining the gdb disassembly of the binary.
Levels Overview
PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…
Network fingerprinting is a critical technique for identifying and analyzing network traffic patterns, particularly in…
"HowToHunt" is a platform designed to assist hunters in improving their skills, planning their expeditions,…
SkyFall-Pack is an advanced infrastructure automation toolkit designed for Command and Control (C2) operations. It…
LummaC2 is a commodity malware designed as an information stealer, targeting browsers, cryptocurrency wallets, and…
RustOwl is an innovative tool designed to enhance the Rust programming experience by visualizing ownership…