c - How to insert a null byte in memory with a string -

c - How to insert a null byte in memory with a string -

i'm doing challenges on internet, , need help

context: goal read content of .password file in directory. in directory there binary (and source code available). when execute binary got superuser rights (bit s ls).

here's code:

int main(int argc, char ** argv) { char cmd[256]= "/bin/ls -la "; if(argc!=2) { printf("usage : %s <nom de dossier>\n",argv[0]); homecoming 1; } if(strlen(argv[1])<9) { strcat(cmd, argv[1]); system(cmd); } else { printf("no input larger 8 char allowed.\n"); } homecoming 0; }

so it's basic inject command argv[1] cat .password

argv[1] = " .| cat .password"

but if(strlen(argv[1])<9) blocks me. guess must inject null byte decoy strlen. right ? i've tried hexa->string converter (0x00 -> �? ) fails…

thank help.

your argv[1] of 17 character long,

if(strlen(argv[1])<9)

will fail , goes else part.

you should increment value 9 18 or more.

c shell null byte