목록PBjar (2)
[PBjarCTF 2021] PWN - fmtstr
void vuln(){ char buf[128]; puts("EXPLOIT:\n"); puts("Here we go, I'll be nice and read three inputs, and all three will be outputted with printf as its first paramter.\n"); puts("However, no overflows, I won't take more than 128 characters at a time. :pensive:\n"); puts("Give me your first input:"); fgets(buf, sizeof(buf), stdin); printf(buf); puts(""); puts("Nice, now give me your second input..
[PBjarCTF 2021] PWN - walkthrough
사진으로 남겨둔게 없어서 일단 코드부터 보겠음 그냥 연습문제라는데 ROP, FSB 둘다 해야함 void rop(){ char buf[0x40]; gets(buf); //here is the overflow vuln, rest is info puts(""); stkstrt(); stk(buf, 0x0, "(buf strt)"); for(int i = 0x1; i < 0x7; i++) stk(buf, i, ""); stk(buf, 0x7, "(buf end)"); stk(buf, 0x8, ""); stk(buf, 0x9, "(canary)"); stk(buf, 0xa, "(rop func base ptr)"); stk(buf, 0xb, "(rop func return ptr)"); stk(buf, 0xc, ..