随笔分类 - ctf比赛复现
moectf2024
摘要:no_more_gets(lockedshell) from pwn import * io = remote("127.0.0.1",11145) io.recvuntil("get out.\n") payload = b'a' * (0x50+8) + p64(0x40129E) + p64(
buildctf pwn
摘要:ez_note 有几个功能add,delete,show,edit add按顺序添加节点,且最大只能是0x80 delete没有清空指针,有UAF漏洞 show输出内容 edit,先是输入长度,然后编辑内容,有堆溢出漏洞 这个题目的保护全开,最重要的就是泄露libc的地址,unsorted_bin的
BaseCTF2024 pwn
摘要:[Week1] Ret2text exp from pwn import * context(os='linux',arch = 'amd64',log_level = 'debug') io = remote("challenge.basectf.fun",32537) #io = process
xyctf2024 pwn
摘要:hello world checksec 大多保护都开启了 main函数 int __fastcall main(int argc, const char **argv, const char **envp) { char buf[20]; // [rsp+0h] [rbp-20h] BYREF i
xyctf2024 Crypto
摘要:babyRSAMAX souce.py from Crypto.Util.number import * from gmpy2 import * from random import choice flag = b'XYCTF{******}' e = '?' def getBabyPrime(nb
