Questions tagged [stack-overflow]
The stack-overflow tag has no summary.
58 questions
1vote
0answers
86views
Is Tricore architecture of Infineon vulnerable to stack overflow attack?
In this topic, 'be vulnerable to stack overflow attack' actually refer to an attacker manipulating the return address of a function to perform a control flow hijacking. Smashing the stack by ...
- 11
24votes
5answers
5kviews
Given extensive protections in modern operating systems that make buffer overflow exploits unfeasible, should I even bother studying these?
I’ve been diving into the world of buffer overflow vulnerabilities and their exploitation, which has been both challenging and fascinating. However, I’ve recently hit a mental roadblock and would love ...
1vote
0answers
38views
Can't print hexadecimal formatted address in buffer overflow
I'm trying to overwrite the return address caused by a buffer overflow. I've already calculated the distance between the buffer and the return address. The address that I want to jump to is ...
- 81
0votes
1answer
270views
How to return to main after performing stack buffer overflow
#include <stdio.h> #include <stdlib.h> void reading(); void reading_hexa(char*); void secret(); int main() { reading(); printf("Input done\n"); exit(0); } void ...
1vote
1answer
150views
bufferoverflow chars gets replaced on stack [closed]
So I try to understand stack based buffer-overflow but now I am stuck. This is the vulnerable function (32 bit ELF). int test(char* input) { char buf[100]; printf("Buffer is at %p\n",...
1vote
2answers
331views
Is Stack Exchange immune to DDoS and DoS attacks?
I have heard that DDoS and DoS attacks work most of the time and that they are used when SQL insertion and other methods fail. I know Stack Exchange has a lot of programmers, and that they have this ...
- 13
1vote
1answer
1kviews
Why are stack canaries not enabled by default on GCC?
I'm trying to understand why stack canaries are not enabled by default. It makes sense to me that they should be, given the interest in security? https://stackoverflow.com/questions/49693870/stack-...
- 537
0votes
0answers
208views
Buffer Overflow with ROP Chain Output Problem
I have the following problem: I have this C program and I have done buffer overflow using ROP gadgets. I have a problem with the output. I want to stop the printf() call in the vuln function to get ...
0votes
1answer
243views
Stack vs Heap exploit, which have more CVE documented?
I tried to google this topic but most of them are conflicting each other. On the other side, I found a case where I can use either stack (local variable) or heap for a dynamic string. It's C by the ...
- 133
1vote
1answer
1kviews
Heap overflow - strcpy() on x86_64 (64bit)
I'm stuck on the Heap1 challenge from Exploit Education. After compiling the source code in a 64bit system, without any security mechanism, I try to overflow the heap in order to overwrite the main ...
- 21
1vote
0answers
383views
What can you do against fortify-source (stack overflow)?
I was practicing stack buffer exploitation on a well known application I was able to bypass canaries, ASLR and nx bit with techniques easily found on the internet However it has fortify-source enabled ...
- 153
2votes
1answer
205views
Is this paper on stack canaries outdated?
According to this paper on defeating stackguard, it seems canaries are placed lower in the stack (higher address) than EBP, allowing the attacker to overwrite EBP without being noticed. But when I ...
- 21
0votes
2answers
906views
What is the maximum payload injection size
I have been conducting some minor research into the various forms of exploitation, such as buffer overflows and similar. Most tutorials seem to focus on executing shellcode, that is code which ...
- 221
1vote
0answers
150views
Question on stack overflow
I am preparing for an exam in Computer Security and doing a past-exam without soluions, so I wanted to check if my reasoning holds on a question about stack overflow. Below is the C code in question. ...
- 23
1vote
1answer
2kviews
Can you perform a buffer overflow and a format string attack at the same time?
So I hope I'm phrasing this right. I'm trying to exploit a piece of c code which you can see below. #include <stdlib.h> #include <unistd.h> #include <stdio.h> #include <string.h&...
