Store shellcode in environment variable

<p>In the&nbsp;<a href="https://medium.com/@danielorihuelarodriguez/stack-based-buffer-overflows-6d8e17764c4c" rel="noopener">previous post</a>&nbsp;we explained how stack-based buffer overflows work. In the last exercise, we inserted the shellcode in the stack. However, this might be a problem. What happens if the shellcode doesn&rsquo;t fit in the stack? We can store it in an environment variable.</p> <h1>Manually store shellcode in env var</h1> <p>We will export the shellcode manually and use it in our exploit.</p> <p>Let&rsquo;s keep working with the&nbsp;<code>notesearch</code>&nbsp;program (the last exercise of the previous post). Remember that the shellcode was&nbsp;<code>\x48\x31\xf6\x56\x48\xbf\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x57\x54\x5f\x6a\x3b\x58\x99\x0f\x05</code>. We need to export it as a binary into the env var. Otherwise, the code won&rsquo;t be executed.</p> <p><a href="https://medium.com/@danielorihuelarodriguez/store-shellcode-in-environment-variable-1058062b8b5e"><strong>Learn More</strong></a></p>