add 6.1.20

This commit is contained in:
firmianay 2018-04-24 00:06:38 +08:00
parent bd2a5dadfb
commit 8f14e2d924
5 changed files with 32 additions and 0 deletions

View File

@ -142,6 +142,7 @@ GitHub 地址https://github.com/firmianay/CTF-All-In-One
* [6.1.17 pwn SECCONCTF2016 jmper](doc/6.1.17_pwn_secconctf2016_jmper.md) * [6.1.17 pwn SECCONCTF2016 jmper](doc/6.1.17_pwn_secconctf2016_jmper.md)
* [6.1.18 pwn HITBCTF2017 Sentosa](doc/6.1.18_pwn_hitbctf2017_sentosa.md) * [6.1.18 pwn HITBCTF2017 Sentosa](doc/6.1.18_pwn_hitbctf2017_sentosa.md)
* [6.1.19 pwn HITBCTF2018 gundam](doc/6.1.19_pwn_hitbctf2018_gundam.md) * [6.1.19 pwn HITBCTF2018 gundam](doc/6.1.19_pwn_hitbctf2018_gundam.md)
* [6.1.20 pwn 33C3CTF2016 babyfengshui](doc/6.1.20_pwn_33c3ctf2016_babyfengshui.md)
* re * re
* [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md) * [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md)
* [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md) * [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md)

View File

@ -0,0 +1,30 @@
# 6.1.20 pwn 33C3CTF2016 babyfengshui
- [题目复现](#题目复现)
- [题目解析](#题目解析)
- [Exploit](#exploit)
- [参考资料](#参考资料)
[下载文件](../src/writeup/6.1.20_pwn_33c3ctf2016_babyfengshui)
## 题目复现
```
$ file babyfengshui
babyfengshui: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=cecdaee24200fe5bbd3d34b30404961ca49067c6, stripped
$ checksec -f babyfengshui
RELRO STACK CANARY NX PIE RPATH RUNPATH FORTIFY Fortified Fortifiable FILE
Partial RELRO Canary found NX enabled No PIE No RPATH No RUNPATH Yes 0 3 babyfengshui
$ strings libc-2.19.so | grep "GNU C"
GNU C Library (Debian GLIBC 2.19-18+deb8u6) stable release version 2.19, by Roland McGrath et al.
Compiled by GNU CC version 4.8.4.
```
## 题目解析
## Exploit
## 参考资料
- https://ctftime.org/task/3282
- https://github.com/bkth/babyfengshui

View File

@ -20,6 +20,7 @@
- [6.1.17 pwn SECCONCTF2016 jmper](6.1.17_pwn_secconctf2016_jmper.md) - [6.1.17 pwn SECCONCTF2016 jmper](6.1.17_pwn_secconctf2016_jmper.md)
- [6.1.18 pwn HITBCTF2017 Sentosa](6.1.18_pwn_hitbctf2017_sentosa.md) - [6.1.18 pwn HITBCTF2017 Sentosa](6.1.18_pwn_hitbctf2017_sentosa.md)
- [6.1.19 pwn HITBCTF2018 gundam](6.1.19_pwn_hitbctf2018_gundam.md) - [6.1.19 pwn HITBCTF2018 gundam](6.1.19_pwn_hitbctf2018_gundam.md)
- [6.1.20 pwn 33C3CTF2016 babyfengshui](6.1.20_pwn_33c3ctf2016_babyfengshui.md)
- re - re
- [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md) - [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md)
- [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md) - [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md)

Binary file not shown.

Binary file not shown.