[pwnable.kr] TB #uaf
2019. 8. 2. 10:15
pwnable.kr
[Toddler's Bottle]
# uaf
뉴욕 갔다 와서 처음 쓰는 것 같다ㅠㅠ 열심히해야지
cat uaf.cpp를 해보면,
//uaf@ubuntu:~$ cat uaf.cpp
#include <fcntl.h>
#include <iostream>
#include <cstring>
#include <cstdlib>
#include <unistd.h>
using namespace std;
class Human{
private:
virtual void give_shell(){
system("/bin/sh");
}
protected:
int age;
string name;
public:
virtual void introduce(){
cout << "My name is " << name << endl;
cout << "I am " << age << " years old" << endl;
}
};
class Man: public Human{
public:
Man(string name, int age){
this->name = name;
this->age = age;
}
virtual void introduce(){
Human::introduce();
cout << "I am a nice guy!" << endl;
}
};
class Woman: public Human{
public:
Woman(string name, int age){
this->name = name;
this->age = age;
}
virtual void introduce(){
Human::introduce();
cout << "I am a cute girl!" << endl;
}
};
int main(int argc, char* argv[]){
Human* m = new Man("Jack", 25);
Human* w = new Woman("Jill", 21);
size_t len;
char* data;
unsigned int op;
while(1){
cout << "1. use\n2. after\n3. free\n";
cin >> op;
switch(op){
case 1:
m->introduce();
w->introduce();
break;
case 2:
len = atoi(argv[1]); //인자1을 len로
data = new char[len]; //len만큼의 스트링을 data로
read(open(argv[2], O_RDONLY), data, len); //인자 2로 들어온 것을 open. len만큼 data에 저장
cout << "your data is allocated" << endl;
break;
case 3:
delete m;
delete w; // 다 지움
break;
default:
break;
}
}
이렇게 나온다.
이번기회에힙을공부할수있어서좋았다^^...^^....
'Wargame > pwnable.kr' 카테고리의 다른 글
| [pwnable.kr] TB #passcode (0) | 2019.08.03 |
|---|---|
| [pwnable.kr] TB #flag (0) | 2019.08.02 |
| [pwnable.kr] TB #coin1 (0) | 2019.07.15 |
| [pwnable.kr] TB #cmd2 (0) | 2019.07.14 |
| [pwnable.kr] TB #shellshock (0) | 2019.07.14 |