zoukankan      html  css  js  c++  java

  • CSAW CTF Qualification Round 2018

    原题

    Linked lists are great! They let you chain pieces of data together.

    nc pwn.chal.csaw.io 9005

    链接:https://ctftime.org/task/6644

    附件:(下面那个打不开的图片就是,请将文件下载下来改名为shellpointcode)

    题解

    首先看下文件的基本信息:

    $ file shellpointcode 
shellpointcode: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=214cfc4f959e86fe8500f593e60ff2a33b3057ee, not stripped

    一个64位Linux二进制动态链接文件且未去除符号信息(not stripped)。

    再看下二进制文件的安全措施:

    $ checksec shellpointcode
    Arch:     amd64-64-little
    RELRO:    Full RELRO
    Stack:    No canary found
    NX:       NX disabled
    PIE:      PIE enabled
    RWX:      Has RWX segments

    二进制文件开启了PIE但栈空间未开启canary且可执行。

    运行程序感受一下:

    $ ./shellpointcode 
Linked lists are great! 
They let you chain pieces of data together.
 
(15 bytes) Text for node 1:  
AAAA
(15 bytes) Text for node 2: 
BBBB
node1: 
node.next: 0x7fff265da260
node.buffer: AAAA
 
What are your initials?
CCCC
Thanks CCCC
 
Segmentation fault

    反汇编
  • 相关阅读:
    7.12.2
    7.12.1
    7.11.8
    循环测试条件前缀和后缀的区别
    7.11.7 两个版本
    7.11.5
    7.12 vowels.c 程序
    7.11 animals.c 程序
    7.6.2 break 语句
    7.10 break.c 程序
  • 原文地址:https://www.cnblogs.com/Antiver/p/9712127.html
Copyright © 2011-2022 走看看