Writeup: echo2
First we notice a format string vulnerability that lets us leak stack memory addresses and thus bypass ASLR. After a few attempts we see that position %10$p leaks a stack memory address, and that at this address minus 0x20 is the pointer to name, whose test content we entered as "AAAA". The next step is to create our exploit that makes the leak using pwntools l..
Pwning in Linux
2019. 3. 26. 04:39