Reputation: 303
I was experimenting with code described in the "Shellcoder's Handbook" where you overflow a buffer and cause the same code to be executed twice...
#include <stdio.h>

void return_input(void)
{
    char array[5];
    gets(array);           /* unbounded read: the overflow the question is about */
    printf("%s\n", array);
}

int main(void)
{
    return_input();
    return 0;
}
The task was to overwrite the buffer and to replace the address of 'return 0' with the address of 'return_input()' so that the entered string is printed twice.
I compiled it as follows:
gcc -fno-stack-protector overflow.c
to override the protection mechanisms. The problem is I can't get it to execute twice. In this case the address of the function ri() is at 0x08048440. I gave the input as follows:
./a.out
aaaaaaaaaaaaa\x40\x84\x04\x08
Shouldn't this cause the function to be called twice? It always returns
aaaaaaaaaaaaaaaa��
Segmentation fault (core dumped)
How can I overflow the buffer to call the function twice?
Upvotes: 1
Views: 124
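Added example (my own code, not from the question or the book): the same 5-byte array read with fgets() instead of gets(), so that a line longer than the array is cut off and reported rather than written past the end of the buffer. read_line_from_string() and the constructed inputs are helpers I added for trying it out; fmemopen() is assumed to be available (POSIX).

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for fmemopen() */
#endif
#include <stdio.h>
#include <string.h>

/* Reads one line from `in` into buf[size]; returns the bytes stored (without
 * the NUL) or -1 on EOF/error.  fgets() stores at most size-1 characters, so
 * the array cannot be overrun.  If the line was longer, the remainder is
 * drained from the stream and *truncated is set to 1. */
int read_line_bounded(FILE *in, char *buf, size_t size, int *truncated)
{
    *truncated = 0;
    if (size == 0 || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[--len] = '\0';           /* complete line: drop the newline */
    } else {                         /* line did not fit, or EOF without newline */
        int c;
        while ((c = fgetc(in)) != EOF && c != '\n')
            *truncated = 1;
    }
    return (int)len;
}

/* Bounded counterpart of the post's return_input(): sizeof ties the limit to
 * the array, so the two cannot drift apart. */
void return_input_bounded(FILE *in)
{
    char array[5];
    int truncated;
    if (read_line_bounded(in, array, sizeof array, &truncated) < 0)
        return;
    printf("%s%s\n", array, truncated ? " [input truncated]" : "");
}

/* Helper (my addition): feed a constructed string through the same reader
 * via fmemopen(), so the behaviour can be checked without a terminal. */
int read_line_from_string(const char *line, char *buf, size_t size, int *tr)
{
    FILE *in = fmemopen((void *)line, strlen(line), "r");
    if (in == NULL)
        return -1;
    int n = read_line_bounded(in, buf, size, tr);
    fclose(in);
    return n;
}

int main(void) { return_input_bounded(stdin); return 0; }
```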
Reputation: 111
Based on your machine type, you might need to adjust. http://www.tenouk.com/Bufferoverflowc/Bufferoverflow4.html
Upvotes: 0
Reputation: 885
\x40\x84\x04\x08 is not supported. You should use some other program to translate the hex input to bytes.
If you are using bash, you can try echo -e '\x40\x84\x04\x08' | ./a.out . I found that solution at "linux shell scripting: hex string to bytes".
Upvotes: 1
Reputation: 13196
By definition, the behavior of a buffer overflow is unpredictable. You will only get the same behavior if you happen to be using the same version of the same compiler with the same settings on the same OS, etc., etc.
Upvotes: 0