
from pwnlib.elf.corefile import Coredump
from pwnlib.util.cyclic import cyclic, cyclic_find
from pwnlib.util.packing import pack
from pwnlib.tubes.process import process
import os
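# TODO: command line arguments
input_file = "input.txt"
exec_name = "./vuln-32"
core_file = "./core"

# Remove a stale core dump so Coredump() below cannot pick up a crash left
# by a previous run. A missing file is the normal case on a fresh run, not
# an error (the original unconditional os.remove() raised FileNotFoundError).
try:
    os.remove(core_file)
except FileNotFoundError:
    pass

# TODO Loop until a crash, increase payload size each iteration
# Write a 512-byte cyclic (de Bruijn) pattern to the input file. The file is
# closed, and therefore flushed, before the target is started so the target
# reads the full pattern rather than an unflushed buffer.
payload = cyclic(512)
with open(input_file, "wb") as f:
    f.write(payload)

try:
    # Run the target with the pattern file as its only argument and wait for
    # it to exit. NOTE(review): this relies on the crash producing a core
    # dump at core_file in the working directory (core dumps enabled and a
    # plain "core" core_pattern) -- confirm on the machine running this.
    process([exec_name, input_file]).wait()
    core = Coredump(core_file)

    # The saved EIP must be a slice of the pattern for cyclic_find() to mean
    # anything; raise instead of assert so the check survives `python -O`.
    if pack(core.eip) not in payload:
        raise ValueError(
            f"EIP {core.eip:#x} is not part of the cyclic pattern; "
            "the target may not have crashed on the supplied input"
        )
    # Offset into the pattern at which the bytes now in EIP were written.
    print(cyclic_find(core.eip))
finally:
    # Remove the pattern file even when the lookup above fails.
    os.remove(input_file)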