Resolved
@master_canary
Is the thread canary offset too big? pwntools crashes on sending this payload to overwrite the thread canary.
First I created a thread, then I checked the input, which is at address 0x7ffff73fee40,
and the canary is at 0x7ffff7ff6728,
and then the offset is 0xbf78e8.
So I am sending this payload to overwrite the master canary, and then doing ret2get_shell in the leave_comment input.

```python
payload1 = b'a'*0xbf78e8
payload1 += b'a'*8
```

pwntools crashes because it's too big. So, I guess the offset is wrong. But where am I getting it wrong?