ctf-challenges's People
Forkers
40huo crackercat puresteelzhang shuixi2013 6xunlaoren re-expoc nydubh3 hcamael wukong-16 winmin qrzbing bash-c lovebair2022 septyem tr3dlih hillmanyoung rudrasingh99 satan1a hwhxy babycoming a11en4 taiji1985 murkuo summerban artemis1029 astarbo cr1ft ohmygodwife zihuocc terrychan9527 jenniexlisa fengxl3320 s0ck4t7 adrainye hackcat hutianyi003 wangzh0ng macthink abook-xm angelkitty sry309 h4lo chengbing999 leeeddin supjerk b4ubles liufuqin0922 krpronie nuhdv alexsandershaw cjcslhp barech ret2ver raven013 ret2p4nda nicholas1126 qianfei11 syydsn silience ilovekeer imsebao poxlove3 wangyun2018 yousaer yugithubaccount ackero sdlszjb sirman frdqy waterdemo cameljly wangyankun17 andrewli315 anchray terncgod n0va-scy joaus-source spec43 soporbear guoker3 skyroot antoniobianchi333 hexbaby lovezj cbqloveby gnipnehc cosmech kerinchen911 qq379797807 vinadiakt tensshinet kungia09 chenzhe56 qaqmander yongbozhu helloexp aplus123 tina2114 awindog lydhrctf-challenges's Issues
ret2syscall是用什么命令编译的,能不能提供下makefile
ret2shellcode exp没有看到进入控制台的效果
下载了ret2shellcode的代码,执行的效果如下:
[+] Starting local process './bof': pid 55137
[] Switching to interactive mode
No system for you this time !!!
bye bye ~[] Got EOF while reading in interactive
$ test
[] Process './bof' stopped with exit code -11 (SIGSEGV) (pid 55137)
[] Got EOF while sending in interactive
ret2shellcode.c 用题目提供的执行文件可以,自己编译不能溢出成功!
(https://github.com/ctf-wiki/ctf-challenges/tree/master/pwn/stackoverflow/ret2shellcode/ret2shellcode-example)/ret2shellcode.c
用这个文件编译之后,用给出的方法不行,用题目中提供的执行文件可以。通过gdb发现:
题目给的目标文件:
──────[ DISASM ]────
► 0x8048536 <main+9> mov eax, dword ptr [0x804a060]
0x804853b <main+14> mov dword ptr [esp + 0xc], 0 mov操作
0x8048543 <main+22> mov dword ptr [esp + 8], 2
0x804854b <main+30> mov dword ptr [esp + 4], 0
0x8048553 <main+38> mov dword ptr [esp], eax
0x8048556 <main+41> call setvbuf@plt setvbuf@plt
而自己编译之后这样:
────────────[ DISASM ]─────
► 0x80484f9 <main+14> sub esp, 0x74
0x80484fc <main+17> mov eax, dword ptr [stdout@@GLIBC_2.0] <0x804a044>
0x8048501 <main+22> push 0 push操作
0x8048503 <main+24> push 2
0x8048505 <main+26> push 0
0x8048507 <main+28> push eax
0x8048508 <main+29> call setvbuf@plt setvbuf@plt
造成不能溢出成功
请问题目中的执行文件如何编译的?
是否考虑去掉或替换题目名中的特殊字符,避免在Windows环境下Clone出现的问题
在Windows中,<>,/,\,|,:,"",*,?
等符号不能在文件名中出现,使得在clone时 2015广州强网杯-爆破?
这样的题目名会导致clone出错。
能不能考虑把这些字符替换为对应的中文字符来避开这个问题或者替换掉这些无效字符?如果这个方式ok的话我之后提交一个相应的PR?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.