#include <stdio.h> 
#include <stdlib.h> 
#include <sys/types.h> 
#include <signal.h>  
char thingy[40];

int nadine;

int execute_thingy() { 
  printf("\nCongrats dude!\nPlz send your sploit to abraxas@sekure.de to 
get the level2 pass\n"); 
  setreuid(nadine,nadine); 
  system(thingy);
  exit(0);
}

int main()
{
  long prot=0x000a0015; 
  int  uid=getuid();
  char buf4[40];
  char check[500];
  char buf3[80];
  long prot2=0x000a00ff; 
  char *buf2;
  char buf[sizeof(check)]; 
  char *blah;


  if(!(blah=malloc(sizeof(check)))) { 
    printf("\nCouldn't allocate memory!\n"); 
    exit(-1);
  }
  strcpy(buf3, "hmmmz whatever");
  buf2=0x0;
  scanf("%500s",blah);
  if(strchr(blah,'n')) exit(-1);   // %hnÀ̳ª %nÀ» »ç¿ëÇÏÁö ¸øÇÏ°Ô ¸·°í ÀÖ¾î¿ä.
  
  sprintf(buf, blah);
  if((strlen(buf)>350)&&(strlen(buf)<400)) kill(0,11);
  printf(buf);           // Æ÷¸ä½ºÆ®¸µÀ» Çã¿ëÇÏ´Â ºÎºÐÀÔ´Ï´Ù. Áï, %x¸¦ ÀÌ¿ëÇؼ­
                            // 500 ÀÌ ³Ñ°Ô ¹öÆÛ¸¦ ä¿ï ¼ö ÀÖ½À´Ï´Ù.
  printf("\nbuf3->%p buf2->%p\nexecute_thingy->%p\n",buf3,buf2,execute_thingy); 
  if(((buf2!=0x0)&&((long *)buf2!=(long *)&buf3))||(prot2!=0x000a00ff)) {
    printf("\nACK!!!!!\nError! Buffer address mismatch.\n");
    kill(0,11);
  }
  if ((long *)buf2==(long *)&buf3) { 
    scanf("%556s",check);     // ÀÌ ºÎºÐÀ» ÅëÇؼ­ uid¿Í ¸®ÅÏ ¾îµå·¹½º¸¦ 
                                            // ¿À¹öÇÃ·Î¿ì ½ÃÄÑ¾ß µÉ°Å °°Àºµ¥..
    if((prot!=0x000a0015)&&(uid!=geteuid())) {  // ÀÌ ºÎºÐ¿¡¼­ NULLÀÌ °É·Á¿ä.
      printf("\nDun flood me, dammit!\n");
      kill(0,11);
    }
  }
  nadine=uid;
  memcpy(thingy,buf4,sizeof(thingy));
  bzero(check, sizeof(check));
  bzero(blah, sizeof(check));
  bzero(buf, sizeof(buf));
  bzero(buf3, sizeof(buf3));
}