session:solution:10
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| session:solution:10 [2015/07/24 23:18] – Razvan Deaconescu | session:solution:10 [2020/07/19 09:49] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 4: | Line 4: | ||
| Idea: The stack would need to look like: | Idea: The stack would need to look like: | ||
| - | * address of puts (in place of the return address) | + | |
| - | * address of exit | + | * address of exit |
| - | * argument to puts call (address of string) | + | * argument to puts call (address of string) |
| ===== ret-to-libc ===== | ===== ret-to-libc ===== | ||
| Idea: The stack would need to look like: | Idea: The stack would need to look like: | ||
| - | * address of system (in place of the return address) | + | |
| - | * address of exit | + | * address of exit |
| - | * argument to system call (address of string) | + | * argument to system call (address of string) |
| To find the '' | To find the '' | ||
| Line 24: | Line 24: | ||
| Idea: The stack would need to look like: | Idea: The stack would need to look like: | ||
| - | * address of '' | + | |
| - | * address of buffer start (where the shellcode is located) | + | * address of buffer start (where the shellcode is located) |
| - | * first argument of '' | + | * first argument of '' |
| - | * 2nd argument of '' | + | * 2nd argument of '' |
| ... | ... | ||
session/solution/10.1437779937.txt.gz · Last modified: by Razvan Deaconescu