pattern생성 및 offset 확인

[*] pattern 생성

st = ''.join(''.join((a,b,c))

for a in string.ascii_uppercase

for b in string.ascii_lowercase

for c in string.digits)

st1 = ''.join(''.join((b,a,c))

for a in string.ascii_uppercase

for b in string.ascii_lowercase

for c in string.digits)

st= st + st1

st = st[:3000] # 최대 길이

[*] pattern 찾기

import string

import struct

st = ''.join(''.join((a,b,c))

for a in string.ascii_uppercase

for b in string.ascii_lowercase

for c in string.digits)

st1 = ''.join(''.join((b,a,c))

for a in string.ascii_uppercase

for b in string.ascii_lowercase

for c in string.digits)

st = st+st1

st = st[:30000]

find = struct.pack("<L", 0xaabbccdd)  # EIP값

print "len : ", len(st)

for i in range(0, len(st)):

    if st[i] == find[0]:

        if st[i+1] == find[1]:

            if st[i+2] == find[2]:

                if st[i+3] == find[3]:

                    print str(i)

print "end"