Safe

@BT1483 said:

Leaking libc addresses isn’t even required this time around (your problem is most likely that you use a different version of libc than the target machine, and without local access all you can basically do is take a wild guess what addresses that libc would have).

You’re thinking way, way more complex than this machine is. It’s an easy box, don’t forget that. Take a look at the disassembly, take a look at “dead” code and you might find something that can do a lot of work for you.

Yea - I saw the video and writeups, but I still want to know why the port isn’t sending a response as the local application does, and how to fix it. Because leaking libc is fun and realistic :smiley:

@Komats said:

Yea - I saw the video and writeups, but I still want to know why the port isn’t sending a response as the local application does, and how to fix it. Because leaking libc is fun and realistic :smiley:

Like I said, if you are trying to shoot into the libc and you don’t get a sensible response, it’s likely that the server uses a different version of the libc which has its functions at different positions in the library. In other words, don’t try this approach and take another one.

Personally, I think fun and realistic is using what you have instead of trying to turn every problem into a nail because you know how to use a hammer.

Trying to investigate myapp using `file myapp`, but the result says it’s a text file, not an executable!
Tried to chmod it to be executable but it doesn’t work!
Is there any issue with the downloaded myapp?!

@sh3b4n said:

Trying to investigate myapp using `file myapp`, but the result says it’s a text file, not an executable!
Tried to chmod it to be executable but it doesn’t work!
Is there any issue with the downloaded myapp?!

How did you download the file?
The `file` command should give output as a Linux executable and you should be able to run it as `./myapp`.

Hi guys, I’m trying to follow the steps in the IppSec video but am kind of stuck on the step where pwntools calls gdb.debug(). Somehow it did not break at main and show the gef window as shown in the IppSec video.

Tried to google the issue online but no luck. I guess I messed up the installation of pwntools on Kali. Does anyone know any good links that show how pwntools can be installed on Kali?

*edit: I know my issue. Seems like I need to run the exploit in a tmux window.