wtf

WTF is white tight feet.

  1. 1. 0x00 overview
    1. 1.1. structure
    2. 1.2. checksec
  2. 2. 0x01 Buffer overflow & Shellcode
    1. 2.1. exploit condition

0x00 overview

structure

It clears that there is a struct named O.

member name has 24 bits size, send name from our input to 0->name

checksec

nice! Many knowledge can be learned through these process: (BOF, FSB, UAF).

0x01 Buffer overflow & Shellcode

exploit condition

NX disabled

overwrite 0x20 + 8(rbp) + shellcode

But find id size only 8.

本文作者 : wtfff
本作品采用知识共享署名-非商业性使用-禁止演绎 4.0 国际许可协议(CC BY-NC-SA 4.0)进行许可。This blog is under a CC BY-NC-SA 4.0 Unported License
本文链接 : http://im0use.github.io/2022/06/28/echo2/

本文最后更新于 天前,文中所描述的信息可能已发生改变