I have seen some buffer overflow code but I cannot overflow it. Is there any gcc option to compile that? Or is anything wrong with that code?
The code is:
    #include <err.h>      /* errx() */
    #include <stdlib.h>
    #include <unistd.h>
    #include <stdio.h>
    #include <string.h>

    int main(int argc, char **argv)
    {
        volatile int modified;
        char buffer[64];

        if(argc == 1) {
            errx(1, "please specify an argument\n");
        }

        modified = 0;
        /* Unbounded copy: this is the overflow the exercise is about. */
        strcpy(buffer, argv[1]);

        if(modified == 0x61626364) {
            printf("you have correctly got the variable to the right value\n");
        } else {
            printf("Try again, you got 0x%08x\n", modified);
        }
    }
and I am trying to run it this way:
perl -e 'print "A"x64 . "dcba"' | xargs ./main
You need to know
modified
and buffer
You can solve it by finding the offset between modified and buffer as (char *)&modified - (char *)buffer
The linked demonstrates how to run the modified code that serves the purpose of determining the correct argument as well as stack smashing. The first Demo provides you with the argument that you can feed to your second Demo
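The offset check from the answer, as an added example (not the code from the linked demo): it measures where `modified` sits relative to `buffer` in the current build and predicts, on a private copy, what value the question's argument would leave in `modified`. The names `predict_modified` and `measure_offset` are made up for this sketch, and a little-endian host is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 64

/* Model of strcpy(buffer, arg) on a frame where `modified` sits `offset`
 * bytes from the start of `buffer`. Returns the value `modified` ends up
 * with (it starts at 0). Works on a private array, so nothing is smashed. */
uint32_t predict_modified(long offset, const char *arg)
{
    unsigned char frame[256] = {0};
    uint32_t modified = 0;
    size_t n = strlen(arg) + 1;            /* strcpy also writes the NUL */

    /* Below the buffer (or outside this model): the copy never reaches it. */
    if (offset < 0 || (size_t)offset + sizeof modified > sizeof frame)
        return 0;
    if (n > sizeof frame)
        n = sizeof frame;
    memcpy(frame, arg, n);
    memcpy(&modified, frame + offset, sizeof modified);
    return modified;
}

/* Offset of `modified` from `buffer` in this build. Compared as integers,
 * because subtracting pointers to different objects is undefined in C. */
long measure_offset(void)
{
    volatile int modified = 0;
    volatile char buffer[BUF_LEN];
    buffer[0] = 0;
    return (long)((intptr_t)&modified - (intptr_t)buffer);
}

int main(void)
{
    char arg[BUF_LEN + 5];
    memset(arg, 'A', BUF_LEN);
    memcpy(arg + BUF_LEN, "dcba", 5);      /* the question's argument */

    long off = measure_offset();
    printf("offset in this build: %ld\n", off);
    printf("predicted modified:   0x%08x\n",
           (unsigned)predict_modified(off, arg));
    return 0;
}
```

A negative offset means the compiler placed `modified` below `buffer`, which is how GCC's stack protector arranges locals; in that layout no argument length changes `modified`, and the program keeps printing "Try again".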