[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Pwning a Lua application via printf()
- From: Rena <hyperhacker@...>
- Date: Sat, 24 Jan 2015 09:00:43 -0500
Basically, this is a game set up for people to try to hack into. This
person succeeded by exploiting its misuse of printf() to get hold
of luaL_openlibs() and from there os.execute(). Pretty neat read.
 If I'm reading correctly, the bug is in the game's own print()
implementation, and not Lua's standard print(). :-)
Sent from my Game Boy.