
When I download a copy of a vulnerable program and try to exploit it by buffer overflow (calling any internal function as a payload), it works. However, when I make the same type of vulnerable program in C, I am not able to exploit it and I have no idea what's going wrong. Checking in gdb, I figured out that I am able to overwrite the return address on the stack, but I still get a segmentation fault and my desired address is not executed.

The vulnerable program:

    #include <stdio.h>

    /* Reads a line into a 4-byte stack buffer with gets(), which performs no
       bounds check: this is the intended overflow. */
    void input(void) {
        char a[4];
        gets(a);
        puts(a);
    }

    int main(void) {
        input();
        printf("\nthis will execute after returning from the function\n");
        return 0;
    }

    /* Never called by the program itself; the intended target of the
       overwritten return address. */
    void over(void) {
        printf("this can only be executed by the hacker");
    }

I want to execute the function over(), and I used the payload:

    printf "aaaaaaaa\xb3\x84\x04\x08" | ./my
  • Your compiler is putting in tricks to try and make buffer overflows harder. stackoverflow.com/questions/2340259/…
    – pacifist
    Commented May 23, 2014 at 4:36
  • I have disabled ASLR and also used the switch -mpreferred-stack-boundary=2, and even for the vulnerable program which seems to work I used the same switch.
    – user38257
    Commented May 23, 2014 at 6:13

2 Answers


The main problem with your code is that it isn't vulnerable to a buffer overflow, more than likely due to the compiler (are you using gcc?) replacing gets with fgets.

If you strace the above compiled code (with malicious input) you should see what I mean.

If you've disabled ASLR (and checked that it's really disabled), you may be running into a canary. Disable it using the -fno-stack-protector flag:

    gcc my.c -o my -fno-stack-protector
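As an added example (not code from the question or from either answer), here is what the hardened counterpart of the question's input() looks like: the same 4-byte stack buffer, but read with fgets() so the write can never run past it, plus a truncation check so an over-long line such as the question's 12-byte payload is rejected rather than silently cut short. The read_line, input_safe and check_input names are assumptions made for this example; check_input relies on fmemopen (POSIX) only to feed constructed input through a memory stream for offline testing.

```c
#define _POSIX_C_SOURCE 200809L   /* for fmemopen() on glibc */
#include <stdio.h>
#include <string.h>

#define LINE_BUF 4   /* same size as the original char a[4] */

/* Bounded line read.  Returns 1 if a complete line fit in buf,
 * 0 if the line was longer than buf (the rest is discarded),
 * -1 on EOF or read error.  Never writes more than size bytes. */
int read_line(FILE *in, char *buf, size_t size) {
    if (size == 0 || fgets(buf, (int)size, in) == NULL) {
        if (size) buf[0] = '\0';
        return -1;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';          /* strip the newline, like gets() */
        return 1;
    }
    /* No newline in buf: the line either filled the buffer exactly or
     * was longer than it.  Peek one byte to tell the two cases apart. */
    int c = fgetc(in);
    if (c == EOF || c == '\n')
        return 1;                     /* fit exactly */
    while (c != '\n' && c != EOF)     /* drain the over-long remainder */
        c = fgetc(in);
    return 0;
}

/* Hardened counterpart of the question's input(): same buffer size, but
 * the read is bounded and over-long input is treated as an error.
 * Returns 0 when the line was accepted and echoed, -1 when rejected. */
int input_safe(FILE *in) {
    char a[LINE_BUF];
    if (read_line(in, a, sizeof a) != 1) {
        fputs("input rejected: line too long or no input\n", stderr);
        return -1;
    }
    puts(a);
    return 0;
}

/* Test helper (assumed name): runs input_safe() over a constructed string
 * instead of stdin.  Returns -2 if the memory stream cannot be opened. */
int check_input(const char *payload) {
    FILE *f = fmemopen((void *)payload, strlen(payload), "r");
    if (f == NULL) return -2;
    int rc = input_safe(f);
    fclose(f);
    return rc;
}

int main(void) {
    /* Constructed inputs: a 3-byte line fits; the question's 8 'a's plus a
     * 4-byte address is rejected instead of overwriting the saved return. */
    printf("short line: %d\n", check_input("abc\n"));
    printf("overflow attempt: %d\n", check_input("aaaaaaaa\xb3\x84\x04\x08\n"));
    return 0;
}
```

Compiled as-is (without -fno-stack-protector), this version does not depend on the canary at all: the canary only detects a smashed frame after the fact, whereas the bounded read prevents the out-of-bounds write from happening.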
