c4ph00k

About

Username
c4ph00k
Joined
Visits
850
Last Active
Roles
Member

Activity

  • r00Gh11

    Hello man, i seen your comment about Intense. i'm in the last steps for root, I caught the canary bytes the rbp and the return address.

    from here i can calculate the program base address, and i tried to caught the libc offset. to do i need to leak this address using the write and show the [email protected] and the difference with [email protected]

    The problem is that when i search for some rope gadgets, i found:

    • gadget for rdi and rdx but not for esi
      so i cant pass the address of write to the function "write()" without this gadget.

    Can you tell me any hint about that, Thanks for reply :)

    October 6
Avatar

Howdy, Stranger!

Click here to create an account.