[Pwnable.kr] echo2
FSB+UAF,比较常规的套路题
首先F5
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 |
int __cdecl main(int argc, const char **argv, const char **envp) { unsigned int *v3; // rsi@1 _QWORD *v4; // rax@1 unsigned int v6; // [rsp+Ch] [rbp-24h]@1 __int64 v7; // [rsp+10h] [rbp-20h]@1 __int64 v8; // [rsp+18h] [rbp-18h]@1 __int64 v9; // [rsp+20h] [rbp-10h]@1 setvbuf(stdout, 0LL, 2, 0LL); setvbuf(stdin, 0LL, 1, 0LL); o = malloc(0x28uLL); *((_QWORD *)o + 3) = greetings; *((_QWORD *)o + 4) = byebye; printf("hey, what's your name? : ", 0LL); v3 = (unsigned int *)&v7; __isoc99_scanf((__int64)"%24s", (__int64)&v7); v4 = o; *(_QWORD *)o = v7; v4[1] = v8; v4[2] = v9; id = v7; getchar(); func[0] = (__int64)echo1; qword_602088 = (__int64)echo2; qword_602090 = (__int64)echo3; v6 = 0; do { while ( 1 ) { while ( 1 ) { puts("\n- select echo type -"); &nb |