mirror of
https://github.com/nganhkhoa/CTF-All-In-One.git
synced 2025-06-24 04:05:03 +07:00
finish 6.2.3
This commit is contained in:
firmianay
BIN
src/writeup/6.2.3_re_codegate2017_angrybird/angrybird_mod
Executable file
BIN
src/writeup/6.2.3_re_codegate2017_angrybird/angrybird_mod
Executable file
Binary file not shown.
0
src/writeup/6.2.3_re_codegate2017_angrybird/angrybird → src/writeup/6.2.3_re_codegate2017_angrybird/angrybird_org
Normal file → Executable file
0
src/writeup/6.2.3_re_codegate2017_angrybird/angrybird → src/writeup/6.2.3_re_codegate2017_angrybird/angrybird_org
Normal file → Executable file
15
src/writeup/6.2.3_re_codegate2017_angrybird/exp.py
Normal file
15
src/writeup/6.2.3_re_codegate2017_angrybird/exp.py
Normal file
@ -0,0 +1,15 @@
|
||||
import angr
|
||||
|
||||
main = 0x004007da
|
||||
find = 0x00404fc1
|
||||
avoid = 0x00400590 # puts@plt
|
||||
|
||||
p = angr.Project('./angrybird_mod')
|
||||
init = p.factory.blank_state(addr=main)
|
||||
pg = p.factory.simgr(init, threads=4)
|
||||
ex = pg.explore(find=find, avoid=avoid)
|
||||
|
||||
final = ex.found[0].state
|
||||
flag = final.posix.dumps(0)
|
||||
|
||||
print "Flag:", final.posix.dumps(1)
|
||||
Reference in New Issue
Block a user