Okay so we have a bof, can we get it to redirect IP (instruction pointer) to something else?
If you get stuck liveoverflow covers you again!
nc thekidofarcrania.com 4902
Basically it is similar to RET2WIN attack as we have to overwrite the return address with the address of win function...hence we'll get the flag :)
GOOD
CTFlearn{c0ntr0ling_r1p_1s_n0t_t00_h4rd_abjkdlfa}
really suitable for a newer!
why the hell would python3 print c2's ,what are this c2's
why the hell would python3 print c2's ,what are this c2's
Very practical for a beginner, THANKS. #hint: replace the 'return address' with the 'win()' function address. (you can find it using any debugger as 'gdb' is), then using python2 to inject it (or overflow it) into the binary. (Ensure the address is in 'raw binary' value !).
3 months ago
Very practical for a beginner, THANKS. #hint: replace the 'return address' with the 'win()' function address. (you can find it using any debugger as 'gdb' is), then using python2 to inject it (or overflow it) into the binary. (Ensure the address is in 'raw binary' value !).