Discussion
Could someone please provide a hint for a solution that is not based on return-to-libc? I managed to solve the previous two BoFs.
is NX Turned on ? BeCause i know Damn well i Solved it but it's not Re2myShell
well i started this like 5 days ago with no idea what ROP was and barely any understanding of how stacks or assembly or elf worked, and ended up solving it without libc and learning a ridiculous amount of great stuff. thanks!
ASLR ?
There is a stack leak. This can be used if you need a pointer to something specific. Alternatively, the gets() function lets you write anything anywhere (a write-what-where).
This supposed be easy, i mean hard :3. Wasting about 1 hours. But worth
congrats to the first blood tho :)
I solved this task. I would like to know how you managed to compile the program so that the memory address is unchanged. If you open "server" in IDA, the start address = 0x08048000. When I compile my task, the start address = 0, but when debugging it is constantly changing. I have not found any articles describing this problem. FROM RUSSIA WITH LOVE))
is NX Turned on ? BeCause i know Damn well i Solved it but it's not Re2myShell
well i started this like 5 days ago with no idea what ROP was and barely any understanding of how stacks or assembly or elf worked, and ended up solving it without libc and learning a ridiculous amount of great stuff. thanks!
1 year ago
where is the .c file + aslar is enabled