该代码段定义了一个测试函数`deftest_pwn_dlresolve_64()`,用于检测和利用一个64位二进制文件(`bof_dlresolve_64`)的溢出漏洞。它首先设置了测试文件、输入类型、属性,然后尝试触发保护机制并检测漏洞类型为溢出。接着,利用溢出漏洞进行攻击,并发送结果。最后,断言是否成功找到了标志(flag)。
def test_pwn_dlresolve_64():
test_file = "tests/bin/bof_dlresolve_64"
input_type = "STDIN"
properties = {"pwn_type": {}}
properties["input_type"] = input_type
properties["file"] = test_file
properties["force_dlresolve"] = True
properties["win_functions"] = []
properties["pwn_type"]["type"] = "Overflow"
with suppress():
# Protections trigger exploit find type
properties["protections"] = protectionDetector.getProperties(test_file)
with suppress():
properties["pwn_type"]["results"] = overflowExploiter.exploitOverflow(
test_file, properties, inputType=input_type
)
assert properties["pwn_type"]["results"]["type"] == "dlresolve"
properties["send_results"] = overflowExploitSender.sendExploit(
test_file, properties
)
> assert properties["send_results"]["flag_found"] == True
E assert False == True
zeratool tests not passed on windows 10 wsl kali linux and kali 2023
于 2023-06-23 23:09:47 首次发布
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
