#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "./utils.h"
/*
 * Post-authentication handler: prints the greeting and starts /bin/sh.
 *
 * In this file it is called from login_prompt() once the credential
 * comparison succeeds. The shell's exit status is discarded and the function
 * always returns 0.
 *
 * The spawned shell runs with this process's privileges and environment, so
 * every control-flow path that can reach this function is equivalent to
 * granting full access; keep the set of callers minimal.
 */
int login()
{
    fputs("WELCOME MR. FALK\n", stdout);
    (void)system("/bin/sh");
    return 0;
}
/*
 * Obfuscates `password` in place.
 *
 * Each byte of `password` is XORed with the byte of `username` at the same
 * position for as long as both strings have bytes left; whatever remains of
 * `password` after that is XORed with the constant 0x44.
 *
 * Preconditions: both arguments must be NUL-terminated. There is no length
 * parameter, so the terminators are the only thing that stops the walk; an
 * unterminated buffer makes this function read and rewrite memory past it.
 *
 * This is a reversible XOR transform, not a cryptographic hash. The output
 * may contain zero bytes anywhere (a byte XORed with itself, or 0x44 ^ 0x44),
 * so compare results with memcmp() over a known length, never with strcmp().
 */
void hash_pass(char * password, char * username)
{
    char *dst = password;
    const char *key = username;

    /* Phase 1: mix in the username while both strings still have bytes. */
    for (; *dst && *key; dst++, key++) {
        *dst ^= *key;
    }

    /* Phase 2: the tail of a password longer than the username. */
    for (; *dst; dst++) {
        *dst ^= 0x44;
    }
}
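/*
 * Reads the entire contents of ./pass into a newly allocated buffer.
 *
 * On success, *password points at the buffer and the number of bytes read is
 * returned. The buffer is allocated one byte larger than the file and is
 * NUL-terminated, so string routines such as hash_pass() stay inside the
 * allocation. The caller owns the buffer and must free() it.
 *
 * On failure a diagnostic is printed, -1 is returned and *password is left
 * untouched. An empty file is treated as a failure.
 *
 * Changes from the previous version:
 *  - the allocation check tested `password` (the out-parameter itself)
 *    instead of `*password`, so a failed malloc() went unnoticed;
 *  - the stream was leaked on every error path;
 *  - the buffer had no terminator although the caller hashes it as a string;
 *  - *password was left pointing at freed memory when fread() failed.
 */
int load_pass(char ** password)
{
    const int fail = -1;
    FILE *fp = NULL;
    char *buf = NULL;
    long fsize = 0;
    int psize = 0;

    fp = fopen("./pass", "r");
    if (fp == NULL) {
        printf("Could not open secret pass!\n");
        return fail;
    }

    if (fseek(fp, 0, SEEK_END)) {
        printf("Failed to seek to end of pass!\n");
        goto out_close;
    }

    /* ftell() yields a long; reject errors, empty files and anything that
     * would not fit the int return type with room for the terminator. */
    fsize = ftell(fp);
    if (fsize <= 0 || fsize >= INT_MAX) {
        printf("Could not get pass size!\n");
        goto out_close;
    }
    psize = (int)fsize;

    if (fseek(fp, 0, SEEK_SET)) {
        printf("Failed to see to the start of pass!\n");
        goto out_close;
    }

    buf = malloc((size_t)psize + 1);
    if (buf == NULL) {
        printf("Could not malloc for pass!\n");
        goto out_close;
    }

    if (fread(buf, sizeof(char), (size_t)psize, fp) != (size_t)psize) {
        printf("Could not read secret pass!\n");
        free(buf);
        goto out_close;
    }
    buf[psize] = '\0';

    fclose(fp);
    *password = buf;
    return psize;

out_close:
    fclose(fp);
    return fail;
}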
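/*
 * Interactive login loop: up to three username/password attempts.
 *
 * pwsize   - number of bytes of `secretpw` to compare; a match is only
 *            attempted when it is greater than 16 and no larger than the
 *            local password buffer.
 * secretpw - the stored secret, already transformed by hash_pass().
 *
 * Returns 0 after a successful match (login() has been called), otherwise -1
 * once the attempts are used up or stdin reaches EOF / a read error.
 *
 * Changes from the previous version:
 *  - strncpy() was given the full size of the 32-byte destinations, so input
 *    of 32 or more bytes left `username` / `password` without a terminator.
 *    hash_pass() and the "%s" in the failure message are bounded only by a
 *    terminator, so they then ran past the arrays into neighbouring stack
 *    memory (corrupting it and echoing it back). The copies now stop one byte
 *    short; the preceding memset() supplies the terminator. Input shorter
 *    than 32 bytes behaves exactly as before.
 *  - fgets() results are checked so a closed stdin ends the loop.
 *  - memcmp() is no longer run with a length larger than `password`.
 */
int login_prompt(int pwsize, char * secretpw)
{
    /*
     * NOTE(review): increments a 32-bit value at a fixed offset below the
     * frame pointer. Which object (if any) lives at that offset depends on
     * the compiler, flags and target ABI, and the statement is 32-bit x86
     * only. Confirm what it is meant to adjust, or remove it.
     */
    asm("incl -8(%ebp)");

    char password[32];
    char username[32];
    char readbuff[128];
    int attempts = -3;   /* counts -3, -2, -1: three passes, then 0 ends the loop */
    int result = -1;

    while (attempts++) {
        memset(password, 0, sizeof(password));
        memset(username, 0, sizeof(username));
        memset(readbuff, 0, sizeof(readbuff));

        printf("Enter your username: ");
        if (fgets(readbuff, sizeof(readbuff), stdin) == NULL) {
            break;
        }
        /* sizeof - 1: the last byte stays 0 from the memset above. */
        strncpy(username, readbuff, sizeof(username) - 1);

        printf("Enter your password: ");
        if (fgets(readbuff, sizeof(readbuff), stdin) == NULL) {
            break;
        }
        strncpy(password, readbuff, sizeof(password) - 1);

        hash_pass(password, username);

        /* The hashed value can contain zero bytes, hence memcmp() over an
         * explicit length. memcmp() is not constant-time. */
        if (pwsize > 16 && pwsize <= (int)sizeof(password)
            && memcmp(password, secretpw, pwsize) == 0) {
            login();
            result = 0;
            break;
        }

        printf("Authentication failed for user %s\n", username);
    }

    return result;
}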
/*
 * Entry point: loads the stored secret, transforms it with hash_pass() using
 * the fixed key "lab6A", then runs the login prompt.
 *
 * Exits with EXIT_SUCCESS after a successful login, and with EXIT_FAILURE
 * when the secret cannot be loaded or when login_prompt() reports failure
 * (in which case the warning banner is printed first).
 */
int main(int argc, char* argv[])
{
    char *stored;
    int stored_len;

    disable_buffering(stdout);

    /* Cap the compared length at 32, the size of login_prompt()'s password
     * buffer. */
    stored_len = load_pass(&stored);
    if (stored_len > 32) {
        stored_len = 32;
    }
    if (stored_len == -1 || stored_len == 0) {
        return EXIT_FAILURE;
    }

    /* NOTE(review): hash_pass() walks its first argument until a NUL byte and
     * ignores stored_len; confirm load_pass() returns a terminated buffer. */
    hash_pass(stored, "lab6A");
    printf("----------- FALK OS LOGIN PROMPT -----------\n");
    fflush(stdout);

    if (login_prompt(stored_len, stored) == 0) {
        return EXIT_SUCCESS;
    }

    printf("+-------------------------------------------------------+\n"
           "|WARNINGWARNINGWARNINGWARNINGWARNINGWARNINGWARNINGWARNIN|\n"
           "|GWARNINGWARNI - TOO MANY LOGIN ATTEMPTS - NGWARNINGWARN|\n"
           "|INGWARNINGWARNINGWARNINGWARNINGWARNINGWARNINGWARNINGWAR|\n"
           "+-------------------------------------------------------+\n"
           "| We have logged this session and will be |\n"
           "| sending it to the proper CCDC CTF teams to analyze |\n"
           "| ----------------------------- |\n"
           "| The CCDC cyber team dispatched will use their |\n"
           "| masterful IT and networking skills to trace |\n"
           "| you down and serve swift american justice |\n"
           "+-------------------------------------------------------+\n");
    return EXIT_FAILURE;
}