Last active
October 28, 2022 11:24
-
-
Save LordAmit/5652999 to your computer and use it in GitHub Desktop.
Buffer Overflow / Stack Smashing Example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Written by Amit Seal Ami | |
| */ | |
| #include <stdio.h> | |
| #include <string.h> | |
| /* | |
| Instructions | |
| ============ | |
| 1. turn off Address space layout randomization (ASLR)(ASLR) by this command: | |
| sudo echo 0 > /proc/sys/kernel/randomize_va_space | |
| 2. Next, compile this program using the switch to disable stack protector in the | |
| optimized build: | |
| gcc buffer1.c -o buffer -fno-stack-protector | |
| 3. Give input, by default, each character array are given 16 byte space, even | |
| though we used array of size 5 byte. So, a value larger than 16 bytes is entered | |
| it will smash the stack - and you will be free from the eternal loop. | |
| */ | |
| int main(int argc, char const *argv[]) | |
| { | |
| /* code */ | |
| int valid = 0; | |
| char str1[5]; | |
| char str2[5]; | |
| printf("locations: %p %p\n", &str1, &str2); | |
| strcpy(str1,"START"); | |
| while(valid==0){ | |
| printf("Muhahaha, you are locked in while(1) lock! \n"); | |
| printf("Enter your sinister stack smashing value: "); | |
| gets(str2); | |
| printf("before input: %s, %s\n", str1, str2); | |
| if(strncmp(str1, str2, 5)==0) | |
| valid = 1; | |
| printf("after input: %s, %s\n", str1, str2, valid); | |
| } | |
| if(strncmp(str1,"START", 5) != 0){ | |
| printf("aww, you broke from my eternal lock, you hacker :@\n"); | |
| } | |
| else{ | |
| printf("meh, you got out of it the usual way. Boring.\n"); | |
| } | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment