Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-22 04:33:28 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update rop-syscall-execv.md

Browse source 
I think that should be a pipe, no?
This commit is contained in:
‏‏Dave 2023-04-09 10:25:01 +00:00 committed by GitHub
parent 286ea6a24c
commit 86df82f60e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
exploiting/linux-exploiting-basic-esp/rop-syscall-execv.md
View file

@ -31,7 +31,7 @@ So, basically it's needed to write the string `/bin/sh` somewhere and then perfo
Let's start by finding **how to control those registers**:
```c
ROPgadget --binary speedrun-001 | grep -E "pop (rdi|rsi|rdx\rax) ; ret"
ROPgadget --binary speedrun-001 | grep -E "pop (rdi|rsi|rdx|rax) ; ret"
0x0000000000415664 : pop rax ; ret
0x0000000000400686 : pop rdi ; ret
0x00000000004101f3 : pop rsi ; ret