TUM CTF 2016::lolcpp::pwn-250

Posted by and filed under TUM CTF 2016.

We were given the source code for this challenge. There are two main bugs in this program. First, we have the strip_newline and fgets functions. From the fgets man page: So, if we add a NUL byte at the end of the password, strcpy will see the end of the string but fgets
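The mismatch this paragraph points at, as an added example (not the challenge's source, which is not reproduced here): fgets keeps reading past a NUL byte until the newline, while strlen and strcpy stop at the NUL. The sample input, the function names and the getline-based strict reader are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed input: "pass", an embedded NUL, six more bytes, then newline. */
static const char SAMPLE[] = "pass\0HIDDEN\n";
enum { SAMPLE_LEN = sizeof SAMPLE - 1 };      /* 12 bytes in the stream */

/* Length the str* functions see after fgets: they stop at the first NUL. */
size_t visible_len(const char *data, size_t n) {
    char buf[64] = {0};
    FILE *in = fmemopen((void *)data, n, "r");
    if (!in) return 0;
    if (!fgets(buf, sizeof buf, in)) buf[0] = '\0';
    fclose(in);
    return strlen(buf);
}

/* Bytes fgets really took from the stream: it stops only at '\n', EOF or size-1. */
long consumed_len(const char *data, size_t n) {
    char buf[64];
    FILE *in = fmemopen((void *)data, n, "r");
    if (!in) return -1;
    long pos = fgets(buf, sizeof buf, in) ? ftell(in) : -1;
    fclose(in);
    return pos;
}

/* Hardened read (assumed design): getline returns the true byte count, so an
   embedded NUL can be detected. Returns 0 on success, -1 if the line is rejected. */
int read_line_strict(const char *data, size_t n, char *out, size_t cap) {
    char *line = NULL; size_t alloc = 0; int rc = -1;
    FILE *in = fmemopen((void *)data, n, "r");
    if (!in) return -1;
    ssize_t got = getline(&line, &alloc, in);
    if (got > 0 && line[got - 1] == '\n') got--;   /* strip by length, not strlen */
    if (got >= 0 && (size_t)got < cap && !memchr(line, '\0', (size_t)got)) {
        memcpy(out, line, (size_t)got);
        out[got] = '\0';
        rc = 0;
    }
    free(line); fclose(in);
    return rc;
}

int main(void) {
    printf("strlen sees %zu bytes, fgets consumed %ld\n",
           visible_len(SAMPLE, SAMPLE_LEN), consumed_len(SAMPLE, SAMPLE_LEN));
    return 0;
}
```

Any length check or newline stripping built on strlen works on the 4-byte view, while the buffer holds all 12 bytes; carrying the length from the read call closes that gap.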