Phantom

HackCTF x64 Buffer Overflow

x64 Buffer OverflowSourceSolvex64 Buffer OverflowSourceint __cdecl main(int argc, const char **argv, const char **envp) { char s[268]; // [rsp+10h] [rbp-110h] int v5; // [rsp+11Ch] [rbp-4h] _isoc99_scanf("%s", s, envp); v5 = strlen(s); printf("Hello %s\n", s); return 0; }Solvefrom pwn import * #context.log_level = 'DEBUG' e = ELF("./64bof_basic") #p = process("./64bof_basic") r = remote("ctf.j0n..
Pwnable/HackCTF 2022. 9. 1. 17:01
HackCTF Simple_overflow_ver_2

Simple_overflow_ver_2SourceSolveSimple_overflow_ver_2Sourceint __cdecl main(int argc, const char **argv, const char **envp) { size_t v3; // ebx char v5; // [esp+13h] [ebp-89h] char s[128]; // [esp+14h] [ebp-88h] int i; // [esp+94h] [ebp-8h] setvbuf(stdout, 0, 2, 0); v5 = 'y'; do { printf("Data : "); if ( __isoc99_scanf(" %[^\n]s", s) ) { for ( i = 0; ; ++i ) { v3 = i; if ( v3 >= strlen(s) ) brea..
Pwnable/HackCTF 2022. 9. 1. 17:00
HackCTF x64 Simple_size_BOF

x64 Simple_size_BOFSourceSolvex64 Simple_size_BOFSourceint __cdecl main(int argc, const char **argv, const char **envp) { char v4[27952]; // [rsp+0h] [rbp-6D30h] setvbuf(_bss_start, 0LL, 2, 0LL); puts(s); printf("buf: %p\n", v4); gets(v4); return 0; }Solvefrom pwn import * #context.log_level = 'DEBUG' context.arch = 'amd64' e = ELF("./Simple_size_bof") p = process("./Simple_size_bof") #r = remot..
Pwnable/HackCTF 2022. 9. 1. 17:00
Prev 1 2 3 4 5 6 ··· 100 Next