Diffstat (limited to 'solve')
| -rw-r--r-- | solve/notes | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/solve/notes b/solve/notes new file mode 100644 index 0000000..25dae7b --- /dev/null +++ b/solve/notes @@ -0,0 +1,10 @@ +We can use format string exploit to leak values from the stack. + +This reveals the base address.. + +We can look up the function offset from the base address +by inspecting where the function lies within the code segment. + +objdump -d | grep WIN + +gives 0x9ec |
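Review bot: the `objdump -d | grep WIN` line names no binary, so the command is not reproducible as written; add the target file as the operand. The line `This reveals the base address..` does not record which leaked stack value or format specifier position was used, or how the base is derived from that value. The notes also end at `gives 0x9ec` without stating the last step, that the function's runtime address is the leaked base plus that offset. Writing those three details down would make the notes enough to re-run the solve.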
