Buffer overflow exploit
Question
I'm trying to learn some basics in cyber security and have been trying to solve an exercise. in my exercise, I need to exploit this code in order to bypass the username and get in. (I know it's very dangerous to use the gets() function, but that's the exercise and I'm trying to solve it within the definitions). this is my code:
#include <stdio.h>
#include <string.h>
void main()
{
char username[8];
int allow = 0;
printf("Enter your username, please: ");
gets(username);
if (allow)
{
printf("Success");
}
}
I thought about overflowing the buffer with 9 chars, in order to overflow the username variable into the allow variable. for some reason, I can't do it. can anyone please help?
1 answers
solution1
2 2022-09-19 11:52:51
A lot of things can be causing your problem and you would need to
- state what compiler you are using
- what flags you are passing as the bare minimum, for anyone to give a good answer. A description of the output you get when you try to overflow the buffer would also be helpful.
However, assuming you are using gcc , your problem is probably that gcc inserts canaries/stack-protectors, and that you get a message saying *** stack smashing detected *** .
If you try to compile your program with gcc -fno-stack-protector -o bufoverflow bufoverflow.c you will turn off the stack-protection and your intuition on how to exploit the program will be correct.
See here for a quick introduction to overflow-mitigations: https://en.wikipedia.org/wiki/Buffer_overflow_protection
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.