这是2017年CUIT校赛的压轴题,(我)第一次遇到的overwrite global_max_fast的手法,~(≧▽≦)/~
1 2 3 4 5 6 7 8 9 10 |
$ pwn500 file pwn500 pwn500: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=6901fcf15a1121a560954c0d395e54bbc16d698b, stripped ➜ pwn500 checksec pwn500 [*] '/home/xing/CTF/2017/2017_CUIT/pwn/House of Lemon/workspace/pwn500/pwn500' Arch: amd64-64-little RELRO: Full RELRO Stack: Canary found NX: NX enabled PIE: PIE enabled |