The following function is called in a remote server program. The argument str points to a string that is entirely provided by users (the size of the string is up to 300 bytes). The size of the buffer is X, which is unknown to us (we cannot debug the remote server program). However, somehow we know that the address of the buffer array is 0xAABBCC10, and the distance between the end of the buffer and the memory holding the function's return address is 8. Although we do not know the exact value of X. we do know that its range is between 20 and 100.

Please write down the string that you would feed into the program, so when this string is copied to buffer and when the bof() function returns, the server program will run your code. You only have one chance, So you need to construct the string in a way such that you can succeed without knowing the exact value of X. In your answer, you don't need to write down the injected code, but the offsets of the key elements in your string need to be correct.

int bof (cha *str) char buffer [X]; strcpy (buffer, str)i return 1i