Pwnable Tips — HACK/TIPS — 2018. 6. 7. 07:30
UTF Coding
# -*- coding: utf-8 -*-
Python Struct (Endian)
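import struct


def p(x):
    """Pack the integer *x* as 4 little-endian bytes (struct format "<I").

    Raises struct.error when *x* is negative or does not fit in 32 bits.
    """
    return struct.pack("<I", x)


# Python Socket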
import socket

# Python 2 snippet (raw_input). Placeholders to fill in before use:
# 'x.x.x.x' / yyyy (host, port) and payload (the first line sent) -- the
# last two are not defined here.
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('x.x.x.x', yyyy))

# First exchange: send the payload as one line and show the reply.
s.send(payload + '\n')
print(s.recv(1024))

# Then relay whatever is typed at the "$ " prompt, one line per round trip,
# until the loop is interrupted (Ctrl-C, or EOF at the prompt).
while True:
    line = raw_input("$ ")
    s.send(line + '\n')
    print(s.recv(1024))

s.close()  # only reached if the loop above is ever left

# python Pwntools
# pwntools version of the socket snippet above: connect, extend the payload,
# read the banner, send it, then hand the connection over to the terminal.
# Placeholders to fill in: "x.x.x.x" / yyyy (host, port), payload (must
# already exist, it is appended to) and function (the 32-bit value p32 packs).
# Note: the tube is bound to `p`, the same name the struct snippet uses for
# its pack helper; keep the two snippets in separate files.
from pwn import *
p = remote("x.x.x.x", yyyy)
payload += p32(function)
#print p.recvuntil('>')
print p.recv(1024)
p.sendline(payload)
p.interactive()

# Color grep
# Highlight every match of the pattern (here "xx"). With "auto", colour codes
# are emitted only when stdout is a terminal, so piped output stays clean.
grep --color=auto xx

# Get pid in gdb
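# Break at main's first instruction and run, so an inferior process exists.
(gdb) b *main
(gdb) r
# The "info proc" sub-commands print the inferior's pid ("process <pid>")
# before their own output.
(gdb) info proc exe
# The memory map lives under /proc, not /etc; substitute the pid printed
# above. ("info proc mappings" shows the same table without leaving gdb.)
(gdb) shell cat /proc/{pid}/maps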
# Disassemble the binary and show each "ret" together with the three
# lines that precede it.
objdump -d myBinary | grep --color=auto -B3 ret

# Get /bin/sh
# Dump the contents of every section and, one grep per character, highlight
# the lines containing each character of the string being looked for.
# Each grep matches any line with that single character, so the hits still
# have to be read by eye.
for c in / b i n s h; do
    objdump -s myBinary | grep --color=auto "$c"
done
Get strcpy
# Show every line of the disassembly that mentions strcpy.
objdump -d myBinary | grep --color=auto strcpy
Get free space
# List the section headers and keep the .bss line (address and size of the
# zero-initialised, writable data area).
objdump -h myBinary | grep --color=auto bss