Protostar Exploit Challenges Net1 Solution

Introduction

This challenge is simply an inverse of the first network challenge. The net1 program will send you a number in network byte order (big endian) and you must convert it to little endian and send it back.

The Code

In my case, the read function in c seems to take care of network byte order on its own. Thus, I simply read the number as is from the socket and then sent it back. That’s really all there was to it.

 

#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <string.h>


void main() {
        // code for a client connecting to a server
        // namely a stream socket to www.example.com on port 80 (http)
        // either IPv4 or IPv6

        int sockfd;
        unsigned int received_int;
        struct addrinfo hints, *servinfo, *p;
        int rv;
        char buffer [512];
        char buffer2 [512];
        int n;

        memset(&hints, 0, sizeof hints);
        memset(buffer, 0, sizeof(buffer));
        memset(buffer2, 0, sizeof(buffer2));
        hints.ai_family = AF_UNSPEC;
        hints.ai_socktype = SOCK_STREAM;

        if ((rv = getaddrinfo("127.0.0.1", "2998", &hints, &servinfo)) != 0) {
            fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rv));
            exit(1);
        }

        // loop through all the results and connect to the first we can
        for(p = servinfo; p != NULL; p = p->ai_next) {
            if ((sockfd = socket(p->ai_family, p->ai_socktype,
                    p->ai_protocol)) == -1) {
                perror("socket");
                continue;
            }

            if (connect(sockfd, p->ai_addr, p->ai_addrlen) == -1) {
                close(sockfd);
                perror("connect");
                continue;
            }

            //Grab the number from input
            read(sockfd, buffer, sizeof(buffer));

            //Print the unsigned integer version of what was read
            printf("Received: %u\r\n", *((unsigned int *)buffer));

            n = sprintf(buffer2, "%u", *((unsigned int *)buffer));

            printf("Sending: %u\r\n", *((unsigned int *)buffer2));

            send(sockfd, buffer2, n, 0);

            read(sockfd, buffer, sizeof(buffer));

            printf("%s", buffer);

            break; // if we get here, we must have connected successfully
        }

        if (p == NULL) {
            // looped off the end of the list with no connection
            fprintf(stderr, "failed to connect\n");
            exit(2);
        }

        freeaddrinfo(servinfo); // all done with this structure
}

VICTORY

Leave a Reply