I am getting started with ethical hacking. Also, I love to test new things on almost all the software and apps I see. So this time I targeted CodeChef's IDE. Even though I didn't get any good results, I thought I could share what I did.
First, I checked whether I could use the system() command in C code (which is possible). The next thing I did was look at all the files on the server.
and got the following:
As all hackers look for /etc/passwd, I too looked at it, with a path traversal I learned while learning Local File Inclusion.
and got this
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
Btw, I also looked for the shadow file (but permission denied). The next thing I am going to do is search the env variables and see if any other cool files are included during compilation so that we can make use of them.
Finally I knew CodeChef was powerful and great… so game over …