Thanks.
I wanted to get rid of the endless ROP attack worked loop, and that was not difficult:
Code:
pi@raspberrypi5:~ $ ./a.out
Trying to overwrite return address of hello()
ROP attack worked
done
pi@raspberrypi5:~ $
Code:
pi@raspberrypi5:~ $ diff rop.c rop2.c
3c3,5
< void target() { printf("ROP attack worked\n"); }
---
> int orig;
> 
> void target() { int xx; printf("ROP attack worked\n"); *((&xx) - 0x5) = orig; }
8c10,11
< *((&xxx) - 0x5) = target;
---
> orig = *((&xxx) - 0x5);
> *((&xxx) - 0x5) = &target;
12a16
> printf("done\n");
pi@raspberrypi5:~ $
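Review bot: `orig` is declared `int` and the saved return address is read and written through `(&xxx) - 0x5` and `(&xx) - 0x5`, which are `int *`, so the copy is only 4 bytes wide; on a 64-bit build this keeps just the low half of the return address and only works while `main`, `hello` and `target` happen to share the same upper 32 bits. Declare `orig` as `uintptr_t` and cast the slot to `uintptr_t *` before dereferencing. The fixed `- 0x5` offset also assumes `xx` in `target()` sits at the same distance from the saved return address as `xxx` in `hello()`, which the compiler does not guarantee across optimisation levels.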
Posted by HermannSW — Thu Nov 14, 2024 10:25 am