Writeup: echo2
First, we notice a format string vulnerability that lets us leak stack memory addresses and thus bypass ASLR. After a few attempts we see that position %10$p leaks a stack memory address, and that at this address minus 0x20 is the pointer to name, for which we entered the test content "AAAA". The next step is to create our exploit that makes the leak using pwntools l..
Pwning in Linux
2019. 3. 26. 04:39