1 /*
2 * level18 challenge
3 *
4 * written by Tim Newsham
5 * contributions by Joshua J. Drake
6 */
7
8
9 #include <stdio.h>
10
11 #define RANDLEN 16
12 #define BUFLEN 20
13
14 #define TERMINATE1 'n'
15 #define TERMINATE2 's'
16 #define TERMINATE3 '$'
17 #define TERMINATE4 'S'
18
19 void
20 seedrand(char *seed)
21 {
22 char buf[RANDLEN];
23 int fd, i;
24
25 /* read in a seed */
26 fd = open("/dev/urandom", 0);
27 if(fd == -1)
28 exit(1);
29 if(read(fd, buf, sizeof buf) != sizeof buf)
30 exit(2);
31 close(fd);
32
33 /* make sure it doesnt use the terminator */
34 for(i = 0; i < RANDLEN - 1; i++) {
35 if(buf[i] == TERMINATE1
36 || buf[i] == TERMINATE2
37 || buf[i] == TERMINATE3
38 || buf[i] == TERMINATE4
39 || buf[i] == '\0')
40 buf[i] = ' ';
41 }
42 buf[i] = 0;
43
44 /* return it */
45 strcpy(seed, buf);
46 }
47
48 int
49 guess(char *seed)
50 {
51 char buf[BUFLEN];
52 int i;
53
54 for(i = 0; i < BUFLEN - 1; i++) {
55 if(read(0, buf + i, 1) != 1)
56 exit(1);
57 if(buf[i] == TERMINATE1
58 || buf[i] == TERMINATE2
59 || buf[i] == TERMINATE3
60 || buf[i] == TERMINATE4)
61 break;
62 }
63 buf[i] = 0;
64
65 if(strcmp(buf, seed) == 0)
66 return 1;
67 printf(buf);
68 printf("\n");
69 fflush(stdout);
70 return 0;
71 }
72
73 int
74 main(int argc, char **argv)
75 {
76 char seed[RANDLEN];
77 int i;
78
79 seedrand(seed);
80 for(i = 0; i < 10; i++) {
81 if(guess(seed)) {
82 i = geteuid();
83 setresuid(i, i, i);
84 write(1, "YAY!\n", 5);
85 execlp("/bin/sh", "sh", 0);
86 exit(0);
87 }
88 }
89
90 printf("sorry.\n");
91 return 0;
92 }
