This guide discusses how we can push data onto the stack and search it.
Set registers using Python
In this guide we will try to manually set a register value and execute.
pwnable.kr -> random
The solution to this challenge is quite simple, as all the information is given in the code, from which we will have to get the password. We will need to use XOR operations to work out the password for this code.
Code
The code for this challenge is given below:
    $ cat random.c
    #include <stdio.h>
    int main(){
        unsigned int random;
        random = rand(); // random value!
        unsigned int key=0;
        scanf("%d", &key);
        if( (key ^ random) == 0xdeadbeef ){
            printf("Good!\n");
            system("/bin/cat flag");
            return 0;
        }
        printf("Wrong, maybe you should try 2^32 cases.\n");
        return 0;
    }
Here we can see that a random value is generated by the rand() function. But interestingly, in the comment we can see a suspicious “!”. We should observe the value generated by the rand() function and see what it does. To do that, we just added a printf.
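The weakness described above, as an added example that is not part of the original post: rand() is never seeded in random.c, so its first value is the same on every run and the XOR check can be inverted. The function names are hypothetical, and the hardened variant assumes a Unix-like system with /dev/urandom.

```c
#include <stdio.h>
#include <stdlib.h>

#define TARGET 0xdeadbeefu /* constant compared against in random.c */

/* First value of the default rand() sequence. The C standard says rand()
 * called before any srand() behaves as if srand(1) had been called, so
 * resetting with srand(1) reproduces what random.c gets on every run. */
unsigned int default_first_rand(void) {
    srand(1);
    return (unsigned int)rand();
}

/* XOR is its own inverse: key ^ random == TARGET <=> key == random ^ TARGET */
unsigned int recover_key(unsigned int random_value) {
    return random_value ^ TARGET;
}

/* Same comparison as the if() in random.c */
int check(unsigned int key, unsigned int random_value) {
    return (key ^ random_value) == TARGET;
}

/* Hardened alternative (assumption: /dev/urandom exists): take the value
 * from the kernel CSPRNG. Returns 1 on success, 0 on failure. */
int unpredictable_u32(unsigned int *out) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return 0;
    size_t n = fread(out, sizeof *out, 1, f);
    fclose(f);
    return n == 1;
}

int main(void) {
    unsigned int a = default_first_rand();
    unsigned int b = default_first_rand();
    unsigned int key = recover_key(a);
    printf("rand() after reset 1: %u, after reset 2: %u (identical: %s)\n",
           a, b, a == b ? "yes" : "no");
    /* random.c reads the key with %d, so the signed form is shown too */
    printf("key = %u (as signed int: %d), check: %s\n",
           key, (int)key, check(key, a) ? "Good!" : "Wrong");
    unsigned int r;
    if (unpredictable_u32(&r))
        printf("CSPRNG value: %u, same key still passes: %s\n",
               r, check(key, r) ? "yes" : "no");
    return 0;
}
```

The concrete numbers depend on the C library in use, which is why the example computes them instead of hard-coding them.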
Windows privilege escalation
In a Windows environment, escalating privileges requires various information about the target system. Unfortunately, Windows systems are not as easy as Linux, especially when it comes to the terminal and obtaining information from the shell. Everything in Windows systems seems twisted and made intentionally complex. You will have to remember a lot of tools and other commands just to grab basic information about the system.
Below I have listed some of the commands that should help.