1 files changed, 25 insertions, 0 deletions
diff --git a/vuln.c b/vuln.c
new file mode 100644
index 0000000..bd88a9d
--- /dev/null
+++ b/vuln.c
@@ -0,0 +1,25 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+void unused_function() {
+	printf("you did it! ROP achieved, we never call this function\n");
+	printf("calling /bin/sh...\n");
+	system("/bin/sh");
+}
+
+void vuln(char* input) {
+	char buffer[32];
+	// copy input but dont check size, purposefully vulnerable so we can ROP our way through stuff
+	strcpy(buffer, input);
+	printf("Your argument was: %s\n", buffer);
+}
+
+int main(int argc, char** argv) {
+	if (argc != 2) {
+		printf("Usage: %s <string>\n", argv[0]);
+		return 1;
+	}
+	vuln(argv[1]);
+	return 0;
+}