// gcc -o prob prob.c -m32 -no-pie -fno-stack-protector -O0 -mpreferred-stack-boundary=2
#include <stdlib.h>
#include <malloc.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
void welcome() {
printf("Welcome to 25th HackingCamp !\n");
}
void read_flag() {
char buf[39];
memset(buf, 0, 39);
int fd = open("/home/user/flag", 0);
if (fd < 0) { exit(-1); }
read(fd, buf, 39);
write(1, "\nHere flag : ", 13);
write(1, buf, 39);
close(fd);
write(1, "\n", 1);
exit(0);
}
int main() {
char name[0x20];
memset(name, 0, 0x20);
void (*func)() = welcome;
func();
write(1, "Your age : ", 11);
int a;
scanf("%d", &a);
if (a == -128) return 0;
char age = a;
if(age < -127) {
write(1, "Your name : ", 12);
read(0, name, 0x25);
write(1, "Hello, ", 7);
write(1, name, strlen(name));
func();
}
return 0;
}
那位师傅能帮我讲解一下这个程序的弱点和payload应该怎么设计
