Pwn - Intro to Pwning 1
- leak the return address of main using
%47$p(read the 47th element from the stack)
"Expelliarmus\0"to get past the password check
258-13+6 * "A"
- Send the address of a
retinstruction aligning the stack correctly
- send the address of the win function