Tagged Questions
3
votes
1answer
287 views
How can I perform a “printf string attack” using a buffer overflow?
The code:
void doit()
{
system("/bin/sh");
exit(0);
}
int main(int argc, char **argv)
{
static int the_var;
char buf[512];
the_var = 20;
strncpy ...
2
votes
2answers
267 views
What can a hacker do with a non-root user (Linux)? [closed]
Let's say I let my friend "Stuart" have an account on my VPS with very limited privileges because he asked very nicely. Since Stuart isn't so bright, he accidentally posts his password in an IRC ...
2
votes
3answers
107 views
returning to an address on the stack
I am working on a project for school that deals with overflowing buffers (the buffer overflow bomb) I am sure many of you have done it or heard of it. I am not looking for how to do it but just have ...
2
votes
1answer
632 views
Abort trap instead of buffer overflow
I've been reading an excellent book Hacking by Jon Erickson. I wanted to compile an buffer overflow example and debug it, but instead of writing outside allocated space, the application just responds ...
2
votes
1answer
86 views
Need help figuring out a remote buffer overflow
It's for a class assignment. I'm kinda stuck and I only have some questions to help me move along. (No cheating for me :p) Brutal assignment for an undergrad class I think...
What we're supposed to ...
0
votes
2answers
138 views
Shellcode Development , ESP pointer
Sometime back, working on an exploit for Easy RM to MP3 Converter 2.7.3.700 on Windows XP SP3 ( http://www.exploit-db.com/exploits/9177/ ) , I came across a concept which am not understanding , It ...
0
votes
2answers
729 views
Buffer Overflow ( Question about Return address…) Please Guide! [duplicate]
Possible Duplicate:
how to skip a line doing a buffer overflow in c
I disassembled the main() function using gdb on RHEL5. Basically I want to change return address to some other ...
0
votes
0answers
67 views
Buffer Overflow esp offset
I'm a computer engineering student who is studying how stack buffer overflows work. The book I'm reading is The Art of Exploitation (1st edition) by Jon Erickson.
In order to practice what I'm ...
0
votes
1answer
148 views
Stack smash test environment
I am trying to test buffer overflow attacks in virtualbox and have been struggling for the past few weeks due to all the security featrues of various distros.
I have tried following tutorials online ...
0
votes
1answer
136 views
The art of exploitation - exploit_notesearch.c
i've got a question regarding the exploit_notesearch program.
This program is only used to create a command string we finally call with the system() function to exploit the notesearch program that ...