CTF-All-In-One/doc/6.1.17_pwn_secconctf2016_jmper.md
2018-04-19 14:37:37 +08:00

1.1 KiB

6.1.17 pwn SECCONCTF2016 jmper

下载文件

题目复现

$ file jmper 
jmper: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=9fce8ae11b21c03bf2aade96e1d763be668848fa, not stripped
$ checksec -f jmper
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      FORTIFY Fortified Fortifiable  FILE
Full RELRO      No canary found   NX enabled    No PIE          No RPATH   No RUNPATH   No      0               4       jmper
$ strings libc-2.19.so | grep "GNU C"
GNU C Library (Ubuntu EGLIBC 2.19-0ubuntu6.9) stable release version 2.19, by Roland McGrath et al.
Compiled by GNU CC version 4.8.4.

64 位动态链接程序,但 Full RELRO 表示我们不能修改 GOT 表,然后还开启了 NX。

题目解析

Exploit

参考资料