Source

Ok, let’s continue with the Source challenge

What is the technology affected? (5 points)

I will open the file zlib.c with VS Code

Sure, I’m a chicken in this area so I had to search everything to find out .-.

First, I found out what SAPI.h is used with php.h for

As you can see, SAPI.h is located entirely in the main function

But… I don’t know what it does @~@ so instead of searching on Google, I usually ask ChatGPT

Simply put, it contains definitions and functions related to the Server API that allow PHP to work with many different web servers

After understanding that, ext/standard is for extension support, etc.

I learned about Zend/zend_interfaces.h

The Zend Engine is a key component of the PHP runtime, providing higher performance and features for PHP applications

Grab the skirt, it’s aiming for php =)))

Based on the list of vulnerability categories in the challenge scenario, which one describes the identified vulnerability? (5 points)

I found a report about this vulnerability

If you want to understand more about this vulnerability, and how it works, go to the report to see 0.<

Based on the information I read in the newspaper and the list of vulnerabilities that the challenge has listed

Vulnerability Categories (Use this list to answer the related question. Example: Path Traversal):

1. Authentication Bypass
2. Buffer Overflow
3. Code Execution
4. Command Execution
5. Cryptographic flaw
6. Cross Origin Resource Sharing bypass
7. File Inclusion
8. Insecure Direct Object Reference
9. Insecure Deserialization
10. Path Traversal
11. Race Condition
12. Server-Side Request Forgery
13. Server-Side Template Injection
14. SQL Injection
15. XML External Entity

Command Execution

See the corresponding commit. How many lines of code were added when the vulnerability was introduced? (5 points)

Based on a developer’s main statement related to the event

Read it here

There is a link to the PHP zlib commit history on GitHub, showing the code changes

11

What HTTP header is required to exploit the vulnerability? (5 points)

User-Agent

Goodbye, thank you for reading until now //~//

This post is licensed under CC BY 4.0 by the author.