Too Long; Didn't Read
The exploitation process can be summarized by this workflow: bug -(overwrite)> return address -(jump)> gadgets -(jmp)> one gadget. The last gadget directs the program to execute a one gadget, and we will have a shell. Find the gadgets within bug by running “ROPgadget --binary bug” and “vmmap”. Find the gadgets within the bug program’s libc by taking the libc file name and running “one_gadget /usr/lib/x86_64-linux-gnu/libc-2.31.so”.