Today I'll go over some commonly used tools.
nc <ip> <port>    connect to the challenge service
sudo apt install vim
checksec <executable>    show the binary's protections (RELRO, stack canary, NX, PIE)
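As an added example, not part of the original post: a small Python script that does what checksec does for the PIE, NX and RELRO columns by reading the ELF64 header and program headers directly. The build_elf helper and the two sample images are constructed here for illustration (real binaries would be read from disk); the stack-canary and Full-RELRO checks, which need the symbol table and dynamic section, are left out.

```python
import struct

PT_GNU_STACK, PT_GNU_RELRO = 0x6474E551, 0x6474E552
PF_X = 0x1
ET_EXEC, ET_DYN = 2, 3


def checksec(elf: bytes) -> dict:
    """Report PIE / NX / RELRO the way checksec decides them for an ELF64 image."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2:
        raise ValueError("not a 64-bit ELF")
    e_type = struct.unpack_from("<H", elf, 16)[0]        # ET_DYN => PIE
    e_phoff = struct.unpack_from("<Q", elf, 32)[0]       # program header table offset
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 54)
    nx, relro = False, False   # no PT_GNU_STACK at all => checksec reports NX disabled
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", elf, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)   # an executable (RWE) stack means NX is off
        elif p_type == PT_GNU_RELRO:
            relro = True                # at least Partial RELRO; Full needs BIND_NOW
    return {"PIE": e_type == ET_DYN, "NX": nx, "RELRO": relro}


def build_elf(e_type: int, stack_flags: int, with_relro: bool) -> bytes:
    """Constructed minimal ELF64 image (header + program headers only) for testing."""
    phdrs = [(PT_GNU_STACK, stack_flags)]
    if with_relro:
        phdrs.append((PT_GNU_RELRO, 0x4))
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)  # 64-bit, little-endian, v1
    hdr = struct.pack("<16sHHIQQQIHHHHHH", ident, e_type, 0x3E, 1, 0, 64, 0, 0,
                      64, 56, len(phdrs), 64, 0, 0)
    body = b"".join(struct.pack("<IIQQQQQQ", t, f, 0, 0, 0, 0, 0, 0x10)
                    for t, f in phdrs)
    return hdr + body


# Constructed samples: a hardened PIE with NX + RELRO, and a classic weak CTF binary
HARDENED = build_elf(ET_DYN, 0x6, True)    # RW stack, RELRO segment present
WEAK = build_elf(ET_EXEC, 0x7, False)      # RWE stack, no RELRO segment

if __name__ == "__main__":
    for name, img in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, checksec(img))
```

To run it against a real file, replace the constructed images with `open(path, "rb").read()`.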
objdump -M intel -d <executable> | less
-M intel: switch the disassembly from the default AT&T syntax to Intel syntax.

pwntools: a Python library built for CTF exploitation; it covers local execution, remote connections, shellcode generation, ROP chain building, ELF parsing and more.
Install:
sudo apt install python-pip
sudo pip install pwntools
Usage (Python):
Example:
from pwn import *

# connect to the target: use exactly one of the two lines below
r = process('./add')               # local binary
# r = remote('140.113.0.3', 8080)  # remote service
s = r.recvuntil(b':')              # receive from the binary until ':'
print('1:' + s.decode())
r.sendline(b'3 5')                 # send to the server
r.interactive()                    # switch to interactive mode
readelf -a $libc | less
ROPgadget --binary $binary