-3

I try to learn the buffer overflow exploit.

I have this code:

    #include <stdio.h>
    #include <stdlib.h>   /* atoi */

    int read_req(FILE *p) {
        char buf[16];
        int i;
        /* buf holds 16 bytes, but fgets is allowed to write up to 1024 */
        fgets(buf, 1024, p);
        i = atoi(buf);
        return i;
    }

    int main() {
        FILE *fp = fopen("/home/assignment/shellcode", "r");
        int x = read_req(fp);
        printf("x = %d\n", x);
    }

I want to exploit this code using this shellcode:

    #include <stdio.h>
    #include <unistd.h>   /* execve */

    int main() {
        char *name[2];

        name[0] = "/bin/sh";
        name[1] = NULL;

        /* Launch shell */
        execve(name[0], name, NULL);
    }

But I don't know how to use it. Also, I heard that fgets doesn't cause the buffer overflow problem... I'm confused.

Thank you

saidmohamed11
  • A buffer overflow occurs (generally) when an input is larger than the size of the buffer that it is meant to go in. You can still have a buffer overflow with `fgets` - the reason `fgets` is usually recommended is because you the programmer get to designate exactly how big your input can be. If you allow it to be larger than your buffer - congrats, buffer overflow even with `fgets`. That said... most programmers (at least, most that I've met) tend to frown upon "exploits". It's an easy way to enter a legal grey zone (if not full-on illegal activities). – tonysdg Sep 15 '15 at 03:11
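
The point in the comment above, that `fgets` only protects the buffer when the size passed to it matches the buffer, as an added example that is not part of the original thread: a hardened `read_req` that bounds the read with `sizeof buf`, rejects over-long lines, and replaces `atoi` with a checked `strtol`. The names `read_req_safe` and `parse_text` are hypothetical, and the sample inputs are constructed.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hardened variant of the question's read_req() (added example).
 * Returns 0 and stores the parsed value in *out, or -1 on any bad input. */
int read_req_safe(FILE *p, int *out) {
    char buf[16];
    char *end;
    long v;
    int c;

    if (p == NULL || out == NULL) return -1;   /* fopen() may have failed */
    /* Bound the read by the real buffer size: fgets stores at most
     * sizeof buf - 1 characters plus the terminating NUL. */
    if (fgets(buf, sizeof buf, p) == NULL) return -1;
    /* No newline and not at EOF: the line was longer than the buffer.
     * Reject it and drain the rest so a later read starts on a fresh line. */
    if (strchr(buf, '\n') == NULL && !feof(p)) {
        while ((c = fgetc(p)) != '\n' && c != EOF)
            continue;
        return -1;
    }
    /* strtol reports malformed and out-of-range input, which atoi cannot. */
    errno = 0;
    v = strtol(buf, &end, 10);
    if (end == buf || errno == ERANGE || v < INT_MIN || v > INT_MAX) return -1;
    if (*end != '\n' && *end != '\0') return -1;   /* trailing junk */
    *out = (int)v;
    return 0;
}

/* Constructed helper for the demo: put `text` in a temp file and parse it. */
int parse_text(const char *text, int *out) {
    FILE *fp = tmpfile();
    int rc;
    if (fp == NULL) return -1;
    fputs(text, fp);
    rewind(fp);
    rc = read_req_safe(fp, out);
    fclose(fp);
    return rc;
}

int main(void) {
    int x = 0;
    printf("valid line: rc=%d x=%d\n", parse_text("42\n", &x), x);
    printf("over-long line: rc=%d\n", parse_text("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n", &x));
    return 0;
}
```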

1 Answer

0

Place a few hundred 'A's in the file /home/assignment/shellcode and run the vulnerable application under the gdb debugger. This should overwrite eip/rip and be enough to get you started.

wireghoul