Could you explain a way I can modify the ".secret" (The first file being read) so that it displays the contents of ""/var/challenge/read-secret/.secret"" (The second one), so that the buffers become equal. The problem is that I'm not given the permissions of ""/var/challenge/read-secret/.secret", so I can't open it directly to find its content.
int main(int argc, char *argv[])
{
FILE *f; // file pointer f is defined
char buf1[33]; // buffer character array buf1 is defined with size 33 in it which is empty right now
char buf2[33];
int i;
setreuid(geteuid(), geteuid()); //setreuid() set real and effective user IDs of calling process
setregid(getegid(), getegid()); // setregid - set real and effective group IDs
f = popen("/bin/cat ~/.secret", "r"); // open the file which is located in home directory which is hidden will be open in read mode and read content using cat command
if ((i = fread(buf1, 1, 32, f)) == 0) { // if that file could not read then throw an error
perror("fread");
return 1;
}
buf1[i] = '\0'; // else read until null character found or end of file and store it in buf1
f = fopen("/var/challenge/read-secret/.secret", "r"); // open /var/challenge/read-secret/.secret file in read mode
if ((i = fread(buf2, 1, 32, f)) == 0) { // if that file could not read then throw an error
perror("fread");
return 1;
}
buf2[i] = '\0'; // else read until null character found or end of file and store it in buf2
if (!strcmp(buf1, buf2)) { // compare two buffer if both are same open the terminal
execl("/bin/sh", "/bin/sh", (void *)NULL);
}
fprintf(stderr, "Wrong password!\n"); // else print wrong password
return 0;
}