{"id":566,"date":"2023-04-03T11:37:00","date_gmt":"2023-04-03T09:37:00","guid":{"rendered":"https:\/\/mindshield.eu\/?p=566"},"modified":"2023-04-04T15:11:12","modified_gmt":"2023-04-04T13:11:12","slug":"narnia-3","status":"publish","type":"post","link":"https:\/\/mindshield.eu\/index.php\/2023\/04\/03\/narnia-3\/","title":{"rendered":"\ud83e\udd81Narnia 3"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

On se retrouve une nouvelle fois pour un challenge de la s\u00e9rie Narnia.<\/p>

Tout d\u2019abord, bravo pour votre pers\u00e9v\u00e9rance pour ces challenges.<\/p>

Le challenge Narnia3 n’est pas excessivement complexe, ainsi je ne vous donnerai que quelques pistes pour le r\u00e9ussir plus rapidement.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

D\u00e9couverte<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Voici le challenge de Narnia3 :<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\n\t\t\t\t\t#include \r\n#include \r\n#include \r\n#include \r\n#include \r\n#include \r\n#include \r\n\r\nint main(int argc, char **argv){\r\n\r\n    int  ifd,  ofd;\r\n    char ofile[16] = \"\/dev\/null\";\r\n    char ifile[32];\r\n    char buf[32];\r\n\r\n    if(argc != 2){\r\n        printf(\"usage, %s file, will send contents of file 2 \/dev\/null\\n\",argv[0]);\r\n        exit(-1);\r\n    }\r\n\r\n    \/* open files *\/\r\n    strcpy(ifile, argv[1]);\r\n    if((ofd = open(ofile,O_RDWR)) &lt; 0 ){\r\n        printf(&quot;error opening %s\\n&quot;, ofile);\r\n        exit(-1);\r\n    }\r\n    if((ifd = open(ifile, O_RDONLY)) &lt; 0 ){\r\n        printf(&quot;error opening %s\\n&quot;, ifile);\r\n        exit(-1);\r\n    }\r\n\r\n    \/* copy from file1 to file2 *\/\r\n    read(ifd, buf, sizeof(buf)-1);\r\n    write(ofd,buf, sizeof(buf)-1);\r\n    printf(&quot;copied contents of %s to a safer place... (%s)\\n&quot;,ifile,ofile);\r\n\r\n    \/* close &#039;em *\/\r\n    close(ifd);\r\n    close(ofd);\r\n\r\n    exit(1);\r\n}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3ea108d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3ea108d\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-92bd6e4\" data-id=\"92bd6e4\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5fe3501 elementor-widget elementor-widget-text-editor\" data-id=\"5fe3501\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tDe fa\u00e7on simple, ce programme copie le contenu d\u2019un fichier vers un autre, sp\u00e9cifi\u00e9s en arguments.<br><br>\n\nVoici les diff\u00e9rents tests \u00e0 effectuer pour essayer de mieux comprendre ce programme : <br><br>\n\nEn pr\u00e9cisant 2 arguments pour input\/ouput (appel\u00e9s <code>ifile<\/code> et <code>ofile<\/code>), cela redirige le contenu du fichier directement dans <code>\/dev\/null<\/code> :\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-365bdb8 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"365bdb8\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a726cb9\" data-id=\"a726cb9\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-94649c4 elementor-widget elementor-widget-image\" data-id=\"94649c4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"669\" height=\"31\" src=\"https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-3.png\" class=\"attachment-large size-large wp-image-568\" alt=\"\" srcset=\"https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-3.png 669w, https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-3-300x14.png 300w\" sizes=\"(max-width: 669px) 100vw, 669px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-eae3dac elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"eae3dac\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ce59dcd\" data-id=\"ce59dcd\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9a2be55 elementor-widget elementor-widget-text-editor\" data-id=\"9a2be55\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>En mettant le contenu d\u2019un fichier auquel je n\u2019ai pas d\u2019acc\u00e8s, cela m\u2019affiche ce message d\u2019erreur :<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-822f3b1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"822f3b1\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-983b4f0\" data-id=\"983b4f0\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9f20949 elementor-widget elementor-widget-image\" data-id=\"9f20949\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"468\" height=\"34\" src=\"https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-4.png\" class=\"attachment-large size-large wp-image-569\" alt=\"\" srcset=\"https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-4.png 468w, https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-4-300x22.png 300w\" sizes=\"(max-width: 468px) 100vw, 468px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-70ae5b4 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"70ae5b4\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-fd58c5d\" data-id=\"fd58c5d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ddc46aa elementor-widget elementor-widget-text-editor\" data-id=\"ddc46aa\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tMais si je mets le contenu d\u2019un fichier auquel j\u2019ai acc\u00e8s, cela le copie \u201cdans un endroit s\u00fbr\u201d, c\u2019est \u00e0 dire\n<code>\/dev\/null<\/code>\n<span role=\"img\" aria-label=\"\ud83d\ude05\">\ud83d\ude05<\/span>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-593d1a4 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"593d1a4\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3564376\" data-id=\"3564376\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e860fb0 elementor-widget elementor-widget-image\" data-id=\"e860fb0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"599\" height=\"29\" src=\"https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-5.png\" class=\"attachment-large size-large wp-image-570\" alt=\"\" srcset=\"https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-5.png 599w, https:\/\/mindshield.eu\/wp-content\/uploads\/2023\/04\/Untitled-5-300x15.png 300w\" sizes=\"(max-width: 599px) 100vw, 599px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f359cd5 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"f359cd5\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-84ae025\" data-id=\"84ae025\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-17e54c1 elementor-widget elementor-widget-text-editor\" data-id=\"17e54c1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Voil\u00e0 pour les diff\u00e9rents cas d\u2019usage de ce script.<\/p><p>Vous aurez remarqu\u00e9 que n\u2019importe quel input est entr\u00e9, cela cr\u00e9e <strong>soit une erreur, soit envoie le r\u00e9sultat dans <code>\/dev\/null<\/code>.<\/strong><\/p><p>Ce qui serait pratique, \u00e7a serait de pouvoir <strong>modifier directement <code>ofile<\/code>\u2026<\/strong><\/p><p>Heureusement pour nous, le code utilise une fonction tr\u00e8s <b>vuln\u00e9rable <\/b>: <code>strcpy<\/code>.<\/p><blockquote><p><em>Pour rappel, cette fonction permet de copier les caract\u00e8res d\u2019une string \u00e0 une autre. Cependant celle-ci <strong>ne v\u00e9rifie pas s\u2019il y a la place d\u2019\u00e9crire dans la destination<\/strong>.<\/em><\/p><\/blockquote><p>Ainsi, \u00e0 cause de ce souci de configuration, nous pouvons facilement effectuer notre buffer-over-flow.<\/p><p>On se demande bien quel fichier il sera int\u00e9ressant de lire&#8230;\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0501425 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"0501425\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-02060a2\" data-id=\"02060a2\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-819e66f elementor-widget elementor-widget-heading\" data-id=\"819e66f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Raisonnement<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-9d904f5 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"9d904f5\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2030647\" data-id=\"2030647\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-1134225 elementor-widget elementor-widget-text-editor\" data-id=\"1134225\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Dans un premier temps, voyons voir quelles conditions doit remplir notre buffer :<\/p><ul><li>Nous avons besoin, en premier, de remplir compl\u00e8tement le buffer <code>ifile<\/code> de 32 caract\u00e8res.<\/li><li>Nous avons aussi besoin que <code>ifile<\/code> pointe vers le nom du fichier qu&#8217;on souhaite lire.<\/li><li>La deuxi\u00e8me valeur doit \u00eatre un chemin de maximum 16 caract\u00e8res existant, afin que le programme puisse \u00e9crire \u00e0 l&#8217;int\u00e9rieur. (Attention &#8216;\\0&#8217; est aussi un caract\u00e8re)<\/li><li>Pour r\u00e9sumer, il nous faut un <strong>chemin de 48 caract\u00e8res qui existe<\/strong> mais dont les <strong>16 derniers caract\u00e8res<\/strong> sont <strong>aussi un chemin existant<\/strong> !<\/li><\/ul><p>On peut se poser la question de comment avoir des noms de fichiers imbriqu\u00e9s valides pour lire un fichier arbitraire.<\/p><p>C\u2019est en fait tr\u00e8s simple : il suffit d\u2019utiliser un <strong>lien symbolique<\/strong> !<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-cd3f56b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cd3f56b\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-49daed2\" data-id=\"49daed2\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ad231bf elementor-widget elementor-widget-heading\" data-id=\"ad231bf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Les liens symboliques<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-874062e elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"874062e\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ceafedc\" data-id=\"ceafedc\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-dff1cc0 elementor-widget elementor-widget-text-editor\" data-id=\"dff1cc0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Un lien symbolique est un raccourci. Il permet tout simplement d\u2019attribuer un autre chemin d\u2019acc\u00e8s \u00e0 un fichier.<\/p><p>Si le fichier original est modifi\u00e9, le lien symbolique sera modifi\u00e9 aussi.<\/p><p>Si le fichier original est supprim\u00e9, le lien symbolique ne pointera plus nul part.<\/p><p>Voici la commande pour cr\u00e9er un lien symbolique :<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-499a34c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"499a34c\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9a269c1\" data-id=\"9a269c1\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-569aab4 elementor-widget elementor-widget-code-highlight\" data-id=\"569aab4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-okaidia copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-c \">\n\t\t\t\t<code readonly=\"true\" class=\"language-c\">\n\t\t\t\t\t<xmp>ln -s -f   <\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4537a25 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4537a25\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b1305fe\" data-id=\"b1305fe\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d6af949 elementor-widget elementor-widget-text-editor\" data-id=\"d6af949\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Vous pouvez v\u00e9rifier que votre lien symbolique a bien \u00e9t\u00e9 cr\u00e9e en tapant cette commande au niveau de la destination :<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-60ed59a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"60ed59a\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2d9a153\" data-id=\"2d9a153\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c85d120 elementor-widget elementor-widget-code-highlight\" data-id=\"c85d120\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-okaidia copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-bash \">\n\t\t\t\t<code readonly=\"true\" class=\"language-bash\">\n\t\t\t\t\t<xmp>ls -lah<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-28ade33 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"28ade33\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4dec680\" data-id=\"4dec680\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9f0cbfc elementor-widget elementor-widget-text-editor\" data-id=\"9f0cbfc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Si le lien symbolique a bien \u00e9t\u00e9 effectu\u00e9, il sera signal\u00e9 par une fl\u00e8che et sa source :<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-d78e1f8 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"d78e1f8\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-35e3f0f\" data-id=\"35e3f0f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ccf1cd6 elementor-widget elementor-widget-code-highlight\" data-id=\"ccf1cd6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-okaidia copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-bash \">\n\t\t\t\t<code readonly=\"true\" class=\"language-bash\">\n\t\t\t\t\t<xmp>total 168K\r\ndrwxrwxr-x    2 narnia3 narnia3 4.0K Feb  3 14:23 .\r\ndrwxrwx-wt 4117 root    root    160K Feb  3 14:23 ..\r\nlrwxrwxrwx    1 narnia3 narnia3   24 Feb  3 14:23 a -&gt; \/etc\/narnia_pass\/narnia4<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7b862d3 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"7b862d3\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ac93c13\" data-id=\"ac93c13\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6644149 elementor-widget elementor-widget-text-editor\" data-id=\"6644149\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tIl ne vous reste plus qu&#8217;\u00e0 trouver la bonne combinaison de chemin afin d&#8217;exploiter la faille.\n\n&nbsp;<blockquote> <b> Indice <\/b> : Rappelez-vous que dans le dossier <code>\/tmp<\/code>, vous avez tous les droits (cr\u00e9ation de dossier, de fichier&#8230;)<\/blockquote>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e855239 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e855239\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-84b7084\" data-id=\"84b7084\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e6844e7 elementor-widget elementor-widget-heading\" data-id=\"e6844e7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Conclusion<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7edd5ec elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"7edd5ec\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c1c2b57\" data-id=\"c1c2b57\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e9ffe29 elementor-widget elementor-widget-text-editor\" data-id=\"e9ffe29\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-size: 18px;color: var( --e-global-color-text );font-family: var( --e-global-typography-text-font-family ), Sans-serif;font-weight: var( --e-global-typography-text-font-weight )\">Il ne s\u2019agit clairement pas du challenge qui requiert le plus de connaissances, m\u00eame s\u2019il requiert une certaine gymnastique d\u2019esprit.<\/span><\/p><p>Cela reste toujours int\u00e9ressant d\u2019\u00e9tudier diff\u00e9rentes mani\u00e8res d\u2019exploiter un m\u00eame souci de configuration.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7d61c7a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"7d61c7a\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8f1ef02\" data-id=\"8f1ef02\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7ebe698 elementor-widget elementor-widget-heading\" data-id=\"7ebe698\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Ressources<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a870d3d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a870d3d\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b63f6ac\" data-id=\"b63f6ac\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-0348a13 elementor-widget elementor-widget-text-editor\" data-id=\"0348a13\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><a href=\"https:\/\/doc.ubuntu-fr.org\/lien_physique_et_symbolique\">https:\/\/doc.ubuntu-fr.org\/lien_physique_et_symbolique<\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>On se retrouve une nouvelle fois pour un challenge de la s\u00e9rie Narnia. Tout d\u2019abord, bravo pour votre pers\u00e9v\u00e9rance pour ces challenges. Le challenge Narnia3 n&#8217;est pas excessivement complexe, ainsi je ne vous donnerai que quelques pistes pour le r\u00e9ussir plus rapidement. D\u00e9couverte Voici le challenge de Narnia3 : #include #include #include #include #include #include&hellip; <br \/> <a class=\"button small blue\" href=\"https:\/\/mindshield.eu\/index.php\/2023\/04\/03\/narnia-3\/\">Read more<\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[8,10],"class_list":["post-566","post","type-post","status-publish","format-standard","hentry","category-narnia_challenges","tag-challenge","tag-exploit"],"_links":{"self":[{"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/posts\/566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/comments?post=566"}],"version-history":[{"count":37,"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/posts\/566\/revisions"}],"predecessor-version":[{"id":848,"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/posts\/566\/revisions\/848"}],"wp:attachment":[{"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/media?parent=566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/categories?post=566"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mindshield.eu\/index.php\/wp-json\/wp\/v2\/tags?post=566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}