using a modified ls to execute another program [duplicate]

StackOverflow https://stackoverflow.com/questions/22319744

  •  12-06-2023
  •  | 
  •  

Question

I got a modified ls:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

int main(int argc, char **argv){
    gid_t egid = getegid();
    setregid(egid, egid);
    printf("This is a special NSA-modified 'ls' program. Due to security reasons it can only run 'ls' without user parameters.\n");
    system("ls -l");
    return 0;
}

I need to run the modified ls to run a program called get-code, but I don't know how to trick the system function in this code to not only execute ls -l but also the get-code. This is a course from school and I am allowed to ask on the internet from my teacher, the course is how to secure the programs better to not let any security gaps in the code.

Can someone help me? THIS IS NOT A DUPLICATE I just want to know how to trick the system so I can execute it with this ls code

Was it helpful?

Solution

You could create a local ls, such as

#!/bin/bash

/bin/ls -l
/courses/InetSec1/challenge6/get-code

then put this script (you should name it as ls and run chmod a+x ls to add execute permission to it) in some directory, such as ~/bin/, and add this directory to your path by export PATH=$HOME/bin:$PATH.

After this, if you run that program again, it will run your local ls, because system() will run your command under a subshell, and that shell will search command needed to run in $PATH.

Exactly the answer given in Modify a program I'm not the owner of

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top