ret2text
Theory
This attack is also called ret2win. The idea is to take control of $rip and redirect execution to a "hidden" function that already exists in the binary. If PIE is turned off, the address of this function is fixed, so it is the same on every run. Read this writeup to learn more:
Template:
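The PIE condition described under Theory can be read from a binary's ELF header, which is how a build pipeline can confirm that function addresses are not fixed. This is an added example, not the page's template or code from the referenced writeup; `classify_elf`, the verdict names and the two sample headers are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Verdict names are this example's own, not from any library. */
enum load_kind { NOT_ELF = -1, FIXED_ADDRESS, POSITION_INDEPENDENT, OTHER_TYPE };

/* Constructed 18-byte header prefixes (e_ident + e_type), not from real binaries. */
const uint8_t SAMPLE_NO_PIE[18] = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 0x02,0x00};
const uint8_t SAMPLE_PIE[18]    = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 0x03,0x00};

/* ET_EXEC (2) loads at link-time addresses; ET_DYN (3) is relocatable (PIE or .so). */
enum load_kind classify_elf(const uint8_t *buf, size_t len)
{
    uint16_t e_type;
    if (len < 18 || buf[0] != 0x7f || buf[1] != 'E' || buf[2] != 'L' || buf[3] != 'F')
        return NOT_ELF;                      /* truncated or wrong magic */
    if (buf[4] != 1 && buf[4] != 2)
        return NOT_ELF;                      /* EI_CLASS: 32- or 64-bit only */
    if (buf[5] == 1)                         /* EI_DATA: little-endian */
        e_type = (uint16_t)(buf[16] | (buf[17] << 8));
    else if (buf[5] == 2)                    /* EI_DATA: big-endian */
        e_type = (uint16_t)((buf[16] << 8) | buf[17]);
    else
        return NOT_ELF;
    if (e_type == 2) return FIXED_ADDRESS;
    if (e_type == 3) return POSITION_INDEPENDENT;
    return OTHER_TYPE;                       /* ET_REL, ET_CORE, ... */
}

int main(int argc, char **argv)
{
    uint8_t hdr[18];
    size_t n = sizeof SAMPLE_NO_PIE;
    const uint8_t *p = SAMPLE_NO_PIE;        /* default: constructed sample */
    if (argc > 1) {                          /* optional: path to an ELF file */
        FILE *f = fopen(argv[1], "rb");
        if (!f) { perror(argv[1]); return 2; }
        n = fread(hdr, 1, sizeof hdr, f);
        fclose(f);
        p = hdr;
    }
    switch (classify_elf(p, n)) {
    case FIXED_ADDRESS:        puts("ET_EXEC: fixed addresses, rebuild with -fPIE -pie"); return 1;
    case POSITION_INDEPENDENT: puts("ET_DYN: position-independent"); return 0;
    case OTHER_TYPE:           puts("ELF, but not an executable or shared object"); return 0;
    default:                   puts("not an ELF file"); return 2;
    }
}
```

The non-zero exit status for `ET_EXEC` lets the check fail a CI job when a release binary was linked without PIE.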