Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Arbitrary File Read #94

Open
caioluders opened this issue May 31, 2021 · 1 comment
Open

Arbitrary File Read #94

caioluders opened this issue May 31, 2021 · 1 comment

Comments

@caioluders
Copy link

Hello!

Just opening an issue about my challenge on Pwn2Win : Dots Exposed .
It's possible to achieve Arbitrary file read using the library import. Here's a writeup about it by @qxxxb https://github.com/qxxxb/ctf/tree/master/2021/pwn2win/dots_exposed ( I'm kinda lazy, and he's done an amazing job ). Still not sure if you'll want to fix this, but wanted to make an issue to formalize it (:

Thanks.
@aaronjanse aaronjanse mentioned this issue May 31, 2021
Open
@aaronjanse
Copy link
Owner

Great find, and thank you @qxxxb for the writeup!

There are two major things going on here:

  1. Arbitrary file paths can be used as libraries. This is probably a feature when run locally, but it's unwanted on hosted asciidots demos.
  2. The library import function assumes that the source code has a trailing newline. I'll want to fix this because it's an improper implementation of how library importing is supposed to work.

P.S. It's exciting to see asciidots at pwn2win!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@caioluders @aaronjanse