Stay hungry, stay foolish
week6-T1
Week 6 T1 bjdctf_2020_babystack 2023-02-05 WP BUUCTF pwn problem 11. Key point: ret2text. Skipping the first step... only NX is enabled. __isoc99_scanf("%d", &nbytes
2023-04-01
week4&&week5-T5
T5 ciscn_2019_c_1 2023-01-30 WP BUUCTF pwn problem. Key points: stack overflow, ret2libc3. 0x01 Didn't I just do this kind of problem in the previous one? Just imitate it directly... file, checksec: 64-bit, NX enabled. 0x02 Run
2023-04-01
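week4&&week5-T4
T4 ret2libc3 2021-01-30 WP ctf-wiki ret2libc3. Key points: stack overflow, ROP. 0x01 This one is really hard... First you need a thorough understanding of the GOT and PLT, and then you also need some fluency in writing exploits, and there are all sorts of odd ways of writing them...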
2023-04-01
week4&&week5-T3
T3 [第五空间2019 决赛]PWN5 2023-01-27 WP BUUCTF pwn problem 7. Key point: format string vulnerability. 0x01 file && checksec: 32-bit, NX enabled, canary enabled. So this
2023-04-01
week4&&week5-T2
T2 ret2syscall 2023-01-22 WP ctf-wiki basic ROP. Key point: ret2syscall. Challenge link. 0x01 file, checksec: 32-bit, NX protection enabled, so the stack is not executable; also note that this is staticall
2023-04-01
week4 T1
Week4&&Week5 T1 jarvisoj_level0 2023-01-20 WP BUUCTF pwn problem 6. Key points: simple stack overflow / basic ROP, ret2text. 0x01 file, checksec: 64-bit
2023-01-20
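week3 T5
T5 level2 2023-01-15 WP Attack and Defense World (攻防世界) pwn problem. Key point: ret2libc1 (it's not that I don't want to keep going, but going further really would mean filling in too much knowledge; I haven't learned the new material yet, so I had to find a problem to slack off with...). 0x01 file, checksec: 32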
2023-01-15
week3 T4
T4 ret2shellcode 2 (writing to the stack) 2023-01-15 WP sniperoj-pwn100-shellcode. Key points: stack overflow, shellcode. 0x01 file, checksec to check the protections: PIE is enabled, so addresses change. 0
2023-01-15
week3 T3
T3 ret2shellcode 1 (writing to the bss segment) 2023-01-15 WP ctf-wiki pwn. Key points: stack overflow, shellcode. 0x01 file, checksec: 32-bit, no protections enabled at all. 0x02 View the source in IDA, no
2023-01-15
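week3 T2
T2 wustctf2020_closed 2023-01-15 WP BUUCTF pwn. Key point: the close function. 0x01 After doing the second hgame problem, I went to fill in some knowledge about the close function, then found a problem on BUUCTF to practice with. First, file shows it is 6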
2023-01-15
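week3 T1
T1 easy_overflow 2023-01-14 WP Hgame week1 pwn problem 2. Key point: simple stack overflow. 0x01 file: 64-bit; checksec: NX enabled. 0x02 View the source in IDA; first look for /bin/sh, follow the references all the way and find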
2023-01-15
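week2 T5
T5 cgpwn2 2023-01-09 WP Attack and Defense World (攻防世界) pwn problem. 0x01 file, checksec: 32-bit, NX protection enabled. 0x02 Opening the window in IDA, I found that this is yet another problem where /bin/sh cannot be found, but in the pwn function I still found sys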
2023-01-13