Get the Whitepaper called Linux exploit development part 4 – ASCII armor bypass + return-to-plt.
You can download it from the following link: https://packetstormsecurity.com/files/download/101426/lewt4-bypass.pdf
Source: https://packetstormsecurity.com/files/101426/Linux-Exploit-Development-Part-4.html