Tags: exploit 

Rating: 0

We can use the printf vulnerability to overwrite thr got entry,
at first stage we leak the libc address, and then overwrite puts@got entry to main to create a loop
in second stage we overwrite the printf@got entry to system so that whatever the program passes to printf will be then executed.

the working exploit is linked.