0

I am practicing buffer overflow and assembly coding. Right now I am able to find return address, and jump to anywhere inside the program itself. However, I want to do more than just jump to itself, I want to display some string that I sent to the program buffer (the string is not included in the program, but it's an input I sent with my exploit). Lets say I want to display "you are hacked!", how can I do that?

I understand to display something, I need to call prints() function inside the program itself, and assign the address value to $a0, which is the argument passing into prints() and prints() will print anything in that address out. However, my input string is not included in the program, I have no way to display my own message but only the data in program itself. How can I do that?

Improve this question
2
  • Why don't you put your string into the buffer you are overrunning? Are you limited in size of buffer? :D (pun intended) Commented Oct 31, 2016 at 16:33
  • thx! I was so tired that I didn't know solution is already there. I just found out the way to solve it! You clear my thoughts, thanks! Commented Oct 31, 2016 at 16:52

1 Answer 1

Reset to default
0

I had the answer just a step away, I did put my hack message into the buffer. I was wrongly putting the string in $a0, however what I really should do is to put the memory address of the string into $a0. As soon as I did that, my hack message displayed.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.