All Questions
2
questions
1
vote
1
answer
12k
views
How to find address of system() in an executable - ROP exploit
I'm trying to find the address of system() in a code repo that I'm trying to exploit using Return Oriented Programming (for a course project). The code has included stdlib.h but it has not used system(...
3
votes
1
answer
3k
views
Why ret2libc is not working in the below code on x86_64?
I am trying to bypass DEP in x86_64 (64 bit - ASLR OFF). I have my own vulnerable code and I have also written an exploit code with a basic ROP to jump into system() with parameter "/bin/sh",...