angr solved
This commit is contained in:
1
Blockharbor/pwn/Web Server Woes/flag.txt
Normal file
1
Blockharbor/pwn/Web Server Woes/flag.txt
Normal file
@@ -0,0 +1 @@
|
||||
FLAG
|
||||
25
Blockharbor/pwn/Web Server Woes/solve.py
Normal file
25
Blockharbor/pwn/Web Server Woes/solve.py
Normal file
@@ -0,0 +1,25 @@
|
||||
from pwn import *
|
||||
|
||||
elf = ELF(os.getcwd() + "/web")
|
||||
|
||||
gs = '''
|
||||
unset env LINES
|
||||
unset env COLUMNS
|
||||
set follow-fork-mode child
|
||||
br *handle_conn+64
|
||||
continue
|
||||
'''
|
||||
|
||||
def start():
|
||||
if args.GDB:
|
||||
return gdb.debug([elf.path], gs=gs)
|
||||
else:
|
||||
return process([elf.path])
|
||||
|
||||
io = start()
|
||||
sender = remote("localhost", 5000)
|
||||
|
||||
sender.send(cyclic(2000))
|
||||
|
||||
sender.interactive()
|
||||
io.interactive()
|
||||
BIN
Blockharbor/pwn/Web Server Woes/web
Executable file
BIN
Blockharbor/pwn/Web Server Woes/web
Executable file
Binary file not shown.
Reference in New Issue
Block a user