@master_canary

Is the thread canary offset too big? pwntools crashes on sending this payload to overwrite the canary!
Is the thread canary offset too big? pwntools crashes on sending this payload to overwrite the thread canary.

Answers: 2
wyv3rn

You need to check where the overflow occurs (not the main function).

2023.06.28. 10:20
nu1lptr

First I created a thread, then I checked the input, which is at address 0x7ffff73fee40, and the canary is at 0x7ffff7ff6728, and then the offset is 0xbf78e8. So I am sending this payload to overwrite the master canary, and then doing ret2get_shell in the leave_comment input.

payload1 = b'a'*0xbf78e8
payload1 += b'a'*8

pwntools crashes because it's too big. So, I guess the offset is wrong. But where am I getting it wrong?

2023.06.28. 17:46