Program Misuse


Playing With Programs.

For each challenge in this module, a different (standard) program that is owned by root has its suid bit set. Probably, this program is not normally designed to be suid. Your task is to misuse the program with this increased privilege to read the flag. Some of these programs are ordinarily used to read files; several of them are not. In order to better understand how to use (and misuse) these programs, you may want to read through their man pages.


Lectures and Reading


Challenges

Lets you directly read the flag!

Lets you directly read the flag!

Lets you directly read the flag!

Lets you directly read the flag!

Lets you directly read the flag!

Lets you directly read the flag!

Shows you that an over-privileged editor is a very powerful tool!

Shows you that an over-privileged editor is a very powerful tool!

Shows you that an over-privileged editor is a very powerful tool!

Requires you to understand their output to derive the flag from it!

Requires you to understand their output to derive the flag from it!

Requires you to understand their output to derive the flag from it!

Requires you to understand their output to derive the flag from it!

Requires you to understand their output to derive the flag from it!

Requires you to understand their output to derive the flag from it!

Requires you to understand their output to derive the flag from it!

Forces you to understand different archive formats!

Forces you to understand different archive formats!

Forces you to understand different archive formats!

Forces you to understand different archive formats!

Forces you to understand different archive formats!

Forces you to understand different archive formats!

Forces you to understand different archive formats!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Enables you to read flags by making them execute other commands!

Requires some light programming to read the flag.!

Requires some light programming to read the flag.!

Requires some light programming to read the flag.!

Requires some light programming to read the flag.!

Lets you get the flag by doing tricks with permissions!

Lets you get the flag by doing tricks with permissions!

Lets you get the flag by doing tricks with permissions!

Lets you get the flag by doing tricks with permissions!

Lets you read the flag because they let you program anything!

Lets you read the flag because they let you program anything!

Lets you read the flag because they let you program anything!

Lets you read the flag because they let you program anything!

Just straight up wasn't designed to let you read files!

Just straight up wasn't designed to let you read files!

Just straight up wasn't designed to let you read files!

Just straight up wasn't designed to let you read files!

Just straight up wasn't designed to let you read files!

Just straight up wasn't designed to let you read files! This level has a "decoy" solution that looks like it leaks the flag, but is not correct. If you're submitting what you feel should be a valid flag, and the dojo doesn't accept it, try your solution against a file with uppercase characters to see what's going on.

Shows how dangerous it is to allow users to load their own code as plugins into the program (but figuring out how is the hard part)!


30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank Hacker Badges Score