Reputation: 51
Buffer overflow exploit
I'm trying to learn some basics in cyber security and have been trying to solve an exercise. in my exercise, I need to exploit this code in order to bypass the username and get in. (I know it's very dangerous to use the gets() function, but that's the exercise and I'm trying to solve it within the definitions). this is my code:
#include <stdio.h>
#include <string.h>
void main()
{
char username[8];
int allow = 0;
printf("Enter your username, please: ");
gets(username);
if (allow)
{
printf("Success");
}
}
I thought about overflowing the buffer with 9 chars, in order to overflow the username variable into the allow variable. for some reason, I can't do it. can anyone please help?
Upvotes: 0
Views: 283
Answers (1)
Reputation: 106
A lot of things can be causing your problem and you would need to
- state what compiler you are using
- what flags you are passing as the bare minimum, for anyone to give a good answer. A description of the output you get when you try to overflow the buffer would also be helpful.
However, assuming you are using gcc, your problem is probably that gcc inserts canaries/stack-protectors, and that you get a message saying *** stack smashing detected ***.
If you try to compile your program with gcc -fno-stack-protector -o bufoverflow bufoverflow.c you will turn off the stack-protection and your intuition on how to exploit the program will be correct.
See here for a quick introduction to overflow-mitigations: https://en.wikipedia.org/wiki/Buffer_overflow_protection
Upvotes: 3
Related Questions
- Buffer overflow assistance
- Buffer overflow vulnerability lab
- Buffer overflow exploitation 101
- Simple Buffer Overflow Exploit
- Problems exploiting a buffer overflow
- Buffer overflow vulnerability
- Stack Overflow Exploit in C
- Exploiting a buffer overflow read operation
- C overflows need some direction
- about buffer overflow