Thanks for the quick reply
I have made file the victim.c with this code
Code:
#include <string.h>
#include <stdio.h>
void foo(const char* input)
{
char buf[10];
printf("My stack looks like:\n%p\n%p\n%p\n%p\n%p\n% p\n\n");
strcpy(buf, input);
printf("%s\n", buf);
printf("Now the stack looks like:\n%p\n%p\n%p\n%p\n%p\n%p\n\n");
}
void bar(void)
{
printf("Augh! I've been hacked!\n");
}
int main(int argc, char* argv[])
{
//Blatant cheating to make life easier on myself
printf("Address of foo = %p\n", foo);
printf("Address of bar = %p\n", bar);
if (argc != 2)
{
printf("Please supply a string as an argument!\n");
return -1;
}
foo(argv[1]);
return 0;
}
then when I am executing this file I am passing argument with the bar function addres.
but I am getting Segmentation fault (code dumped) error
Originally Posted by
trent.josephsen
That is what should generally happen when you overflow a buffer (and thereby scribble on memory you don't own). If you think there's a reason your code should not segfault, please post it.
It's possible, even likely, that the exploit you were trying to use does not affect the current Ubuntu kernel version.
Bookmarks