  • Pwnable Tips
    HACK/TIPS 2018. 6. 7. 07:30

    UTF Coding

    # -*- coding: utf-8 -*-

    Python Struct (Endian)

    import struct

    p = lambda x : struct.pack("<I", x)


    Python Socket

    import socket

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect(('x.x.x.x', yyyy))
    s.send(payload+'\n')
    print s.recv(1024)

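    # Simple interactive loop; Ctrl-C or Ctrl-D ends it so the socket gets closed
    try:
        while 1:
            t = raw_input("$ ")
            s.send(t+'\n')
            print s.recv(1024)
    except (KeyboardInterrupt, EOFError):
        pass
    s.close()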

    Python Pwntools

    from pwn import *

    p = remote("x.x.x.x", yyyy)
    payload = ""                # initialise before appending
    payload += p32(function)    # `function` is a placeholder for a 32-bit address
    #print p.recvuntil('>')
    print p.recv(1024)
    p.sendline(payload)

    p.interactive()


    Color grep

    grep xx --color=auto

    Get pid in gdb

    (gdb) b *main
    (gdb) r
    (gdb) info proc exe
    (gdb) shell cat /proc/{pid}/maps


    Get ROP gadget

    objdump -d myBinary | grep ret -B3 --color=auto


    Get /bin/sh

    objdump -s myBinary | grep / --color=auto

    objdump -s myBinary | grep b --color=auto

    objdump -s myBinary | grep i --color=auto

    objdump -s myBinary | grep n --color=auto

    objdump -s myBinary | grep s --color=auto

    objdump -s myBinary | grep h --color=auto


    Get strcpy

    objdump -d myBinary | grep strcpy --color=auto


    Get free space

    objdump -h myBinary | grep bss --color=auto


