@Blkph0x said:
a little question I have managed to leak something I can see it in the debug output but im not sure how to grab it I watched ippsecs video that someone posted and the method he used doesn’t seem to work I have tried a few things and all fail to see the returned address??? I’m like 99.9% sure everything else is right apart from the way im trying to save to a variable anyone able to help with this aspect
how to do that is probably going to depend on how you’re doing the exploit. if you’re using pwn, you should be able to just do recvline() into a variable and then use python slices to extract the bytes you want. once you have them, you’ll want to unpack that with u32() or u64() depending on the target architecture.