I have been seeing a lot of exploits that write the memory address of functions/code into the EIP, and I was wondering if there is a way (maybe with gdb or something) that I could use to determine the memory address of some shellcode I am using in a buffer overflow test, and then use the Python struct library to pack it.
Tag: buffer-overflow
Why is there a “gap” between the variables that I initiated in the stack?
I’m trying to play around with a buffer overflow. When the program counter gets to if(modified != 0), the base pointer is 0x00007fffffffdfe0. Right below the base pointer, I see 4 bytes that contain the integer 0, which makes sense. However, the buffer is not right below the int modified. It looks like 4 bytes of 0s then 0x00007fff are in
Buffer Overflow: NOP sled not working [closed]
Hey, I’m trying to do a buffer overflow on a basic C program,
Modify the return address of a C function with buffer overflow vulnerability
I am trying to modify the following C program so that the main function will skip the printf(“x is 1”) line and only print “x is 0”. As the comments imply, the ret pointer needs to first be set to the return address of the function. I then need to add on an offset that will push it over the
hex code implementation for spawning a shell
I am trying to implement the code given in Smashing the Stack for Fun and Profit by Aleph to learn the basics of buffer overflow attacks. Machine architecture: Ubuntu 12.10 64-bit; programs compiled using the -m32 flag in gcc. So far, I have managed to spawn a shell using the assembly instructions. The next step is to convert those instructions
Is the sscanf function in the Linux kernel susceptible to buffer overflow attacks?
From what I understand, a typical buffer overflow attack occurs when an attacker overflows a buffer of memory on the stack, thus allowing the attacker to inject malicious code and rewrite the return address on the stack to point to that code. This is a common concern when using functions (such as sscanf) that blindly copy data from one area