nkg

Reputation: 961

Demonstrate buffer overflow in C in Ubuntu 13.04

As part of my assignment I have to demonstrate a stack overflow on my Linux box.

My Box Config: OS: Ubuntu 13.04

GCC version: 4.6.3

I tried to compile the program with the flag -fno-stack-protector; the program compiles successfully, but a "Segmentation fault" error shows up when I trigger the stack overflow. How can I show the actual output? Buffer overflow program:

#include <stdio.h>
#include <string.h>

int main(int argc, char **argv)
{
    int authentication = 0;
    char cUsername[10], cPassword[10];

    /* unbounded copies: an argument longer than 9 characters runs past the array */
    strcpy(cUsername, argv[1]);
    strcpy(cPassword, argv[2]);

    if (strcmp(cUsername, "admin") == 0 && strcmp(cPassword, "adminpass") == 0)
    {
        authentication = 1;
    }

    if (authentication)
    {
        printf("Access granted");
    }
    else
    {
        printf("Wrong username and password");
    }
    return 0;
}

If I give an input like AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA A then it should show "Access granted", but right now it shows a segmentation fault.

Upvotes: 0

Views: 303

Answers (1)

Jabberwocky

Reputation: 50832

This is what happens with my C compiler if you launch the program with these arguments: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA B :

#include <stdio.h>
#include <string.h>

int main(int argc, char **argv)
{
  int authentication = 0;
  char cUsername[10], cPassword[10];

  strcpy(cUsername, argv[1]);
  // now cUsername contains "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
  // and authentication contains 0x41414141 because it has been overwritten by the
  // buffer overflow of cUsername

  strcpy(cPassword, argv[2]);
  // now cPassword contains "B"

  if (strcmp(cUsername, "admin") == 0 && strcmp(cPassword, "adminpass") == 0)
  {
    // strings are different so we don't get here
    authentication = 1;
  }

  if (authentication)
  {
    // authentication still contains 0x41414141 therefore we get here
    printf("Access granted");
  }
  else
  {
    printf("Wrong username and password");
  }

  // here we will get a segmentation fault, because the return address which is on the
  // stack will have been overwritten with 0x41414141 which is most probably an
  // invalid address
  return 0;
}

BTW if you format your code correctly it is much easier to read.

Important

Depending on your system, "Access granted" might not get printed out because, if the output is buffered, the output buffer normally gets emptied after the return from the main function, and since the program segfaults before that, the output buffer is never emptied and the message is never displayed. Try adding a \n at the end of the string: "Access granted\n".

Upvotes: 2
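For comparison, here is the same login check written so that over-long arguments cannot overwrite authentication or the saved return address. This is an added example, not code from either post; it assumes the same 10-byte buffers and the same credentials as the question's program.

```c
#include <stdio.h>
#include <string.h>

/* Same buffer sizes as the question's program: 9 characters plus the NUL. */
#define USER_LEN 10
#define PASS_LEN 10

/* Return codes: 1 = access granted, 0 = wrong credentials,
 * -1 = an argument is too long for its buffer (the case that overflows
 *      the stack in the original program). */
int authenticate(const char *user, const char *pass)
{
    int authentication = 0;
    char cUsername[USER_LEN], cPassword[PASS_LEN];

    /* Reject over-long input up front instead of letting an unbounded copy
     * run past the end of the array into authentication and the return address. */
    if (strlen(user) >= USER_LEN || strlen(pass) >= PASS_LEN)
        return -1;

    /* The copies are now known to fit, including the terminating NUL. */
    memcpy(cUsername, user, strlen(user) + 1);
    memcpy(cPassword, pass, strlen(pass) + 1);

    if (strcmp(cUsername, "admin") == 0 && strcmp(cPassword, "adminpass") == 0)
        authentication = 1;

    return authentication;
}

int main(int argc, char **argv)
{
    /* The original dereferences argv[1] and argv[2] unconditionally. */
    if (argc != 3) {
        fprintf(stderr, "usage: %s <username> <password>\n", argv[0]);
        return 2;
    }

    switch (authenticate(argv[1], argv[2])) {
    case 1:  puts("Access granted"); break;
    case 0:  puts("Wrong username and password"); break;
    default: puts("Input too long"); break;
    }
    /* puts ends the line with '\n', so the message reaches the terminal
     * even when stdout is line-buffered (the issue the answer's note describes). */
    return 0;
}
```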
