Pwning a Lua application via printf()

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Pwning a Lua application via printf()
From: Rena <hyperhacker@...>
Date: Sat, 24 Jan 2015 09:00:43 -0500

https://fail0verflow.com/blog/2014/31c3ctf-pwn30-pong.html

Basically, this is a game set up for people to try to hack into. This
person succeeded by exploiting its misuse of printf()[1] to get hold
of luaL_openlibs() and from there os.execute(). Pretty neat read.

[1] If I'm reading correctly, the bug is in the game's own print()
implementation, and not Lua's standard print(). :-)

-- 
Sent from my Game Boy.

Prev by Date: Re: About a week with LUA_NOCVTN2S and LUA_NOCVTS2N
Next by Date: Re: Some parsing questions
Previous by thread: Re: Practical Shebang (#!) Trick (Better Than /usr/bin/env)
Next by thread: concerning hyperbolic functions
Index(es):
- Date
- Thread