Shell Four ORW — Open-Read-Write Shellcode with Seccomp
Write open-read-write shellcode to exfiltrate /flag.txt when execve is blocked by a seccomp filter.
X86-64
Split — ret2win with ROP pop rdi Gadget
Classic x86-64 ret2win: overflow the return address, use a pop rdi gadget to pass the /bin/cat flag.txt string as argument, jump to system.