stackoom
  简体   繁体   中英

Try to learn exploitation with c on ubuntu

 原文  2015-08-31 07:50:27       c/ buffer-overflow

Question

Im try to learn exploitation I starts at buffer overflow this is my code :

#include<stdio.h>
#include<string.h>

int main (int argc,char *argv[])
{
    int value=5;
    char buffer_one[8],buffer_two[8];


    strcpy(buffer_one,"one");
    strcpy(buffer_two,"two");

    printf("[+] befor 2 is at %p and have \'%s\'\n",buffer_two,buffer_two);
    printf("[+] befor 1 is at %p and have \'%s\'\n",buffer_one,buffer_one);
    printf("[+] befor value at %p and have %d (0x%08x)\n",&value,value,value);

    printf("\nstrcpy copying %d bytes into buffer_two\n\n",(int)strlen(argv[1]));
    strcpy(buffer_two, argv[1]);

    printf("[+] after 2 is at %p and have \'%s\'\n",buffer_two,buffer_two);
    printf("[+] after 1 is at %p and have \'%s\'\n",buffer_one,buffer_one);
    printf("[+] after value at %p and have %d (0x%08x)\n",&value,value,value);  

    return 0;
}

i compiled it with the command :

gcc -o overflow overflow.c

now my problem start .

Instead of putting all the variables to the right place memory , ( first written will be at the highest memory place and last will be at lowest place and when I will fulfill the last variable with garbage it will overwrites all the variables ) Their order quite strange when and the first inserted is the lowes

[+] befor 2 is at 0x7fffdb76e5f0 and have 'two'
[+] befor 1 is at 0x7fffdb76e5e0 and have 'one'
[+] befor value at 0x7fffdb76e5dc and have 5 (0x00000005)

strcpy copying 8 bytes into buffer_two

[+] after 2 is at 0x7fffdb76e5f0 and have '01234567'
[+] after 1 is at 0x7fffdb76e5e0 and have 'one'
[+] after value at 0x7fffdb76e5dc and have 5 (0x00000005)

1 answers

solution1
 1  2015-08-31 07:56:37

Two things to mention here.

  1. The order of allocation of variables (in the stack) are not specified by C standards. Based on different level of optimization, the same compiler may reorder the allocation (thereby changing the address) for variables.

  2. Accessing past the allocated memory is undefined behaviour . Segmentation fault (the crash ) is just one of the many side effects of UB.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question exploitation on 64 bit Ubuntu Artificial delay in TCP socket with C, for race condition exploitation Trying to understand example char_array2.c from “the art of exploitation” How to learn C pointers? just starting to learn c for loop Programming resources to learn C in depth Reading Recommendations To Learn Basics Of C Difficulties Understanding Format String Exploitation Learn C or C++ for php extensions Exceptions in C (Try Catch)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM