lazynote
| ID: | 2123 |
|---|---|
| 标题: | lazynote |
| 描述: | flag{} |
| 类型: | PWN |
| 网站: | bugku |
| 题目链接: | https://ctf.bugku.com/challenges/detail/id/2270.html |
| 赛事: | SECCON2020 |
| 年度: | 2020 |
| Flag值: | SECCON2020 lazynote的解题核心是利用FSOP(File Structure Overwrite Protection)漏洞,通过伪造IO_FILE结构体实现任意地址写入和libc地址泄露,最终通过one-gadget获取shell。 |
| writeup: | https://faraz.faith/2020-10-13-FSOP-lazynote/ |