Remix clone Hacker News

new | show | ask | jobs Github

	▲	mananaysiempre 7 hours ago
		Good point, thanks! The crypt() of the input, not the input itself, but guessing at the (PDP-11 assembly :/ ) code for crypt() a bit, it looks like it stops after 64 characters if it can’t find a null terminator before that, so `0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef012345678901234567890123456789012345root:p3Y0ydAx:` should work as an exploit, and indeed it does. (Arbitrary 64-character password, then 36 bytes to pad to the end of the 100-byte buffer, then the part of root’s /etc/passwd entry for said password until at least the second colon.)