栈题
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
from pwn import *
context.log_level = 'debug'
file = ""
local=0
if local == 0:
p = process("./"+file)
elf = ELF("./"+file)
libc = ELF("/lib/x86_64-linux-gnu/libc-2.23.so")
elif local == 1:
p = process(["/usr/local/glibc-2.23/lib/ld-2.23.so", "./"+file],
env={"LD_PRELOAD":"/usr/local/glibc-2.23/lib/libc-2.23.so"})
elf = ELF("./"+file)
libc = ELF("/usr/local/glibc-2.23/lib/libc-2.23.so")
elif local == 2:
p = remote()
elf = ELF("./"+file)
libc = ELF("./libc-2.23.so")
p.recvuntil()
p.sendline()
gdb.attach(p)
pause()
p.interactive()
|
堆题
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
from pwn import *
context.log_level = 'debug'
file = ""
local=0
if local == 0:
p = process("./"+file)
elf = ELF("./"+file)
libc = ELF("/lib/x86_64-linux-gnu/libc-2.23.so")
elif local == 1:
p = process(["/usr/local/glibc-2.23/lib/ld-2.23.so", "./"+file],
env={"LD_PRELOAD":"/usr/local/glibc-2.23/lib/libc-2.23.so"})
elf = ELF("./"+file)
libc = ELF("/usr/local/glibc-2.23/lib/libc-2.23.so")
elif local == 2:
p = remote()
elf = ELF("./"+file)
libc = ELF("./libc-2.23.so")
def cmd(choice):
p.recvuntil()
p.sendline(str(choice))
def add():
cmd(1)
p.recvuntil()
p.sendline()
def edit():
def delete():
def show():
gdb.attach(p)
pause()
p.interactive()
|
Q:如果阅读本文需要付费,你是否愿意为此支付1元?
微信支付
支付宝