diff --git a/SUMMARY.md b/SUMMARY.md index 0c99c3f..5d86da4 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -141,6 +141,7 @@ GitHub 地址:https://github.com/firmianay/CTF-All-In-One * [6.1.16 pwn HITBCTF2017 1000levels](doc/6.1.16_pwn_hitbctf2017_1000levels.md) * [6.1.17 pwn SECCONCTF2016 jmper](doc/6.1.17_pwn_secconctf2016_jmper.md) * [6.1.18 pwn HITBCTF2017 Sentosa](doc/6.1.18_pwn_hitbctf2017_sentosa.md) + * [6.1.19 pwn HITBCTF2018 gundam](doc/6.1.19_pwn_hitbctf2018_gundam.md) * re * [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md) * [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md) diff --git a/doc/6.1.19_pwn_hitbctf2018_gundam.md b/doc/6.1.19_pwn_hitbctf2018_gundam.md new file mode 100644 index 0000000..18ebb32 --- /dev/null +++ b/doc/6.1.19_pwn_hitbctf2018_gundam.md @@ -0,0 +1,29 @@ +# 6.1.19 pwn HITBCTF2018 gundam + +- [题目复现](#题目复现) +- [题目解析](#题目解析) +- [Exploit](#exploit) +- [参考资料](#参考资料) + + +[下载文件](../src/writeup/6.1.19_pwn_hitbctf2018_gundam) + +## 题目复现 +``` +$ file gundam +gundam: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=5643cd77b84ace35448d38fc49e4d3668ef45fea, stripped +$ checksec -f gundam +RELRO STACK CANARY NX PIE RPATH RUNPATH FORTIFY Fortified Fortifiable FILE +Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH Yes 0 4 gundam +$ strings libc.so.6 | grep "GNU C" +GNU C Library (Ubuntu GLIBC 2.26-0ubuntu2.1) stable release version 2.26, by Roland McGrath et al. +Compiled by GNU CC version 6.4.0 20171010. +``` + + +## 题目解析 + +## Exploit + +## 参考资料 +- https://ctftime.org/task/5924 diff --git a/doc/6_writeup.md b/doc/6_writeup.md index 5e3e14a..d5bbcca 100644 --- a/doc/6_writeup.md +++ b/doc/6_writeup.md @@ -19,6 +19,7 @@ - [6.1.16 pwn HITBCTF2017 1000levels](6.1.16_pwn_hitbctf2017_1000levels.md) - [6.1.17 pwn SECCONCTF2016 jmper](6.1.17_pwn_secconctf2016_jmper.md) - [6.1.18 pwn HITBCTF2017 Sentosa](6.1.18_pwn_hitbctf2017_sentosa.md) + - [6.1.19 pwn HITBCTF2018 gundam](6.1.19_pwn_hitbctf2018_gundam.md) - re - [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md) - [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md) diff --git a/src/writeup/6.1.19_pwn_hitbctf2018_gundam/gundam b/src/writeup/6.1.19_pwn_hitbctf2018_gundam/gundam new file mode 100755 index 0000000..3abcfc7 Binary files /dev/null and b/src/writeup/6.1.19_pwn_hitbctf2018_gundam/gundam differ diff --git a/src/writeup/6.1.19_pwn_hitbctf2018_gundam/libc.so.6 b/src/writeup/6.1.19_pwn_hitbctf2018_gundam/libc.so.6 new file mode 100755 index 0000000..fcc92d6 Binary files /dev/null and b/src/writeup/6.1.19_pwn_hitbctf2018_gundam/libc.so.6 differ