Created
June 8, 2020 01:36
-
-
Save circleous/39dc35e40def58db9eccd2b6729c2710 to your computer and use it in GitHub Desktop.
Engineering - Joints 2020
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # pwndbg scripting | |
| gdb.execute('b* 0x555555554982') # call rdx | |
| gdb.execute('r < input') | |
| gdb.execute('s') # step into call | |
| flag = [] | |
| while True: | |
| instr = pwndbg.disasm.one() # get current instruction | |
| # instr is a part of capstone object, https://www.capstone-engine.org/lang_python.html | |
| if instr.mnemonic == "cmp" and instr.reg_name(instr.operands[0].value.reg) == "r9": | |
| gdb.execute(f"set $r9={instr.operands[1].value.imm}") | |
| flag.append(instr.operands[1].value.imm) | |
| print(bytes(flag)) | |
| if ord("}") in flag: | |
| break | |
| gdb.execute("s") # step |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment