开发者

Hex values in gdb input files

I'm trying to bof a particular exploitme on DVL by redirecting input (to gets) using run < inputfile inside gdb

I can overflow the program successfully but am having trouble appending hex values to the string.. I have tried quotations, converting the value of the mem addr to ascii and various escape attempts (\,\,\) with no luck

Input file example: AAAA\x42

In the above exam开发者_运维百科ple it would appear that the backslash is being read as an ascii char (5c) and the value 42 remains in the stack (oddly?).

How would one go about specifying a hex value inside a gdb input file?

Thanks


Use perl! :)

reader@hacking:~/booksrc $ ./overflow_example $(perl -e 'print "A"x30')

with the 'e' option perl will evaluate the following command, and surrounding everything will treat the output of perl as a string. So the command above is identical to:

reader@hacking:~/booksrc $ ./overflow_example AAAAAAAAAAAAAAAAAAAAAAAAA

(adding x30 after a string will repeat it 30 times). Of course perl accepts other hex values with the notation \x??. One more word, to concatenate strings use a dot:

reader@hacking:~/booksrc $ perl -e 'print "A"x20 . "BCD" . "\x61\x66\x67\x69" ;'
AAAAAAAAAAAAAAAAAAAABCDafgi

So you can redirect the output of perl in your input file or directly call perl in gdb when you run the program.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜