Let's attempt to find a gadget which will leak the address of the stack (which we will require afterwards to return gracefully immediately after our ROP chain finishes).

Note that these vulnerabilities were found and described again in September 2021, but I was only in a position to publish this now.

// Redirecting the emulator's IO read …