Kaprica Security (KPRCA)
Headscratch is an esoteric programming language. Writing in Headscratch is very tedious, results in obscenely verbose programs, and will leave most programmers scratching their heads out of confusion and frustration. This challenge binary implements a Headscratch interpreter.
Headscratch supports the following statements.
The interpreter maintains a data pointer into the region of memory that the currently running program can modify. One of the statements available to Headscratch programmers is the '>' statement, which increments the data pointer so that it points to the next byte of the program's data memory. When incrementing the data pointer, the interpreter does not check that the pointer stays within the upper bound of the data array, which is stored on the stack. It is therefore possible to increment the data pointer past the end of the array and into the stack frame, where the program can then arbitrarily modify the stack frame. This results in a type 1 vulnerability.
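A bounds-checked form of the '>' step described above, as an added example rather than the challenge binary's own code. The array size, the index-based data pointer, the status codes and the '<', '+' and '-' statements are assumptions (Brainfuck-style), since the page names only '>'.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DATA_SIZE 16  /* constructed size; the real array size is not given on the page */

enum hs_status { HS_OK = 0, HS_OOB_HIGH = -1, HS_OOB_LOW = -2 };

/* Runs prog over a stack-resident data array and copies the result to out.
   Only '>' comes from the page; '<', '+', '-' are assumed for illustration. */
int hs_run(const char *prog, unsigned char *out, size_t out_len)
{
    unsigned char data[DATA_SIZE];
    size_t dp = 0;  /* an index instead of a raw pointer: trivial to range-check */

    memset(data, 0, sizeof data);
    for (const char *pc = prog; *pc != '\0'; pc++) {
        switch (*pc) {
        case '>':
            /* The flaw described above is this step without the comparison. */
            if (dp + 1 >= DATA_SIZE)
                return HS_OOB_HIGH;  /* refuse to leave the array */
            dp++;
            break;
        case '<':
            if (dp == 0)
                return HS_OOB_LOW;   /* same check for the lower bound */
            dp--;
            break;
        case '+': data[dp]++; break;
        case '-': data[dp]--; break;
        default: break;              /* ignore anything else */
        }
    }
    if (out != NULL)
        memcpy(out, data, out_len < sizeof data ? out_len : sizeof data);
    return HS_OK;
}

int main(void)
{
    char walk[DATA_SIZE + 1];
    memset(walk, '>', DATA_SIZE);    /* constructed input: one '>' too many */
    walk[DATA_SIZE] = '\0';
    printf("in-bounds program: %d\n", hs_run(">+>++", NULL, 0));
    printf("walk past the end: %d\n", hs_run(walk, NULL, 0));
    return 0;
}
```

Stopping the program with an error is one policy; wrapping the index or ignoring the statement would also keep writes inside the array.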
Unchecked pointer use.
CWE-787: Out-of-bounds Write
CWE-823: Use of Out-of-range Pointer Offset
The primary challenge with exploiting this challenge binary is that a CRS must be able to construct a Headscratch program that allows for the exploitation of the vulnerability.
Discovering: Easy
Proving: Medium
Fixing: Easy
Curated by Lunge Technology, LLC.