YoungGuy

Reputation: 303

Segmentation Fault for school lab Shellcode BufferOverflow

I am running Fedora Core 6 as instructed by the prof. I am trying to simply run this shellcode that is provided by the lab instructions, and I keep on getting a segmentation fault. We are told we can compile with the stack guard turned off by using the command gcc -fno-stack-protector call_shellcode.c. Either way, whether I just compile the code using gcc -o shell call_shellcode.c or use the -fno-stack-protector option, I get a segmentation fault when launching the code instead of a shell being invoked. Any help? So I am provided with code for this lab as follows:

    #include <stdlib.h>
    #include <stdio.h>
    #include <string.h>   /* strcpy */

    /* execve("/bin//sh", argv, envp) through the i386 int 0x80 interface */
    const char code[] =
    "\x31\xc0"      /* xorl  %eax,%eax                       */
    "\x50"          /* pushl %eax   (NUL terminating the path) */
    "\x68""//sh"    /* pushl $0x68732f2f  "//sh"             */
    "\x68""/bin"    /* pushl $0x6e69622f  "/bin" (posted as "\bin", a typo: "\b" is a backspace) */
    "\x89\xe3"      /* movl  %esp,%ebx   (pathname)          */
    "\x50"          /* pushl %eax   (argv[1] = NULL)         */
    "\x53"          /* pushl %ebx   (argv[0] = pathname)     */
    "\x89\xe1"      /* movl  %esp,%ecx   (argv)              */
    "\x99"          /* cdq  -> %edx = 0  (envp = NULL)       */
    "\xb0\x0b"      /* movb  $0x0b,%al   (execve)            */
    "\xcd\x80"      /* int   $0x80                           */
    ;

    int main(int argc, char **argv)
    {
        char buf[sizeof(code)];   /* stack buffer exactly as large as the payload */
        strcpy(buf, code);
        ((void(*) ( ))buf)();     /* jump into the stack buffer */
        return 0;
    }

Upvotes: 1

Views: 2791

Answers (1)

Lelouch Lamperouge

Reputation: 8411

  • First of all, you must identify where your program SEGFAULTs. One of the ways to do this is to run dmesg | tail. The last line in this output would show where the Instruction Pointer was when the SEGFAULT occurred.
  • The other way is to compile the program with -ggdb flag set.
  • Run ulimit -c unlimited on your shell to ensure a core dump is generated when the program SEGFAULTs.
  • Run your program without changing the code, and it should say Segmentation Fault (core dumped). In your local directory, you should see a new file called core.
  • Run gdb -c core to analyze the core dump.
  • Once inside gdb, type bt or backtrace to see exactly where the SEGFAULT occurred.
  • You can also use commands like info registers, info locals, info args in order to analyze the values you have. Use x/x $esp (or any other register name) to check what the individual registers contain.

    Good Luck!

Upvotes: 4
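Worked example, added here and not part of the question or the answer above. The gdb steps described in the answer end with a backtrace whose top frame is inside the stack buffer buf, so the next two things worth knowing are what the bytes in buf would do if they ran, and whether the page they sit on is executable at all. The C program below (Linux host assumed, since it reads /proc/self/maps; the names trace_shellcode, region_is_executable, kShellcode and the fake stack address SIM_BASE are this example's own) interprets the lab payload's eleven instructions on a simulated stack to recover the execve arguments, then copies the payload into a stack buffer exactly as the lab program does and reports whether that buffer's mapping carries the x bit, next to an mmap'd read-write-execute page for comparison. It never jumps into the payload, which is 32-bit code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS 0x20        /* Linux value; only missing under strict -std=c99 */
#endif
/* The lab payload as raw bytes (the post's "\bin" read as "/bin"). */
static const unsigned char kShellcode[] = {
    0x31, 0xc0,                   /* xor  eax, eax                        */
    0x50,                         /* push eax        ; NUL for the string */
    0x68, '/', '/', 's', 'h',     /* push "//sh"                          */
    0x68, '/', 'b', 'i', 'n',     /* push "/bin"     ; esp -> "/bin//sh"  */
    0x89, 0xe3,                   /* mov  ebx, esp   ; pathname           */
    0x50,                         /* push eax        ; argv[1] = NULL     */
    0x53,                         /* push ebx        ; argv[0] = pathname */
    0x89, 0xe1,                   /* mov  ecx, esp   ; argv               */
    0x99,                         /* cdq             ; edx = envp = NULL  */
    0xb0, 0x0b,                   /* mov  al, 11     ; SYS_execve (i386)  */
    0xcd, 0x80                    /* int  0x80                            */
};
enum { EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI };
#define SIM_STACK 64u
#define SIM_BASE  0x1000u         /* fake address of the simulated stack's low end (assumption) */
struct exec_summary {             /* what the execve at int 0x80 would receive */
    int ok, argc;                 /* ok: reached int 0x80 cleanly; argc: non-NULL argv entries */
    uint32_t sysno, envp;         /* eax (11 = execve on i386) and edx */
    char path[32];                /* string ebx points at */
};
struct sim { uint32_t r[8]; uint8_t stack[SIM_STACK]; int fault; };

static uint32_t le32(const unsigned char *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint32_t rd32(struct sim *s, uint32_t addr) {
    uint32_t off = addr - SIM_BASE;
    if (off > SIM_STACK - 4) { s->fault = 1; return 0; }
    return le32(s->stack + off);
}
static void push32(struct sim *s, uint32_t v) {
    uint32_t off = (s->r[ESP] -= 4) - SIM_BASE;
    if (off > SIM_STACK - 4) { s->fault = 1; return; }
    for (int i = 0; i < 4; i++) s->stack[off + i] = (uint8_t)(v >> (8 * i));
}
/* Interpret the few i386 instructions the payload uses on a simulated stack,
 * stop at int 0x80 and report what execve would receive. */
struct exec_summary trace_shellcode(const unsigned char *code, size_t len) {
    struct exec_summary out = {0};
    struct sim s = {{0}};
    s.r[ESP] = SIM_BASE + SIM_STACK;
    for (size_t ip = 0; ip < len;) {
        unsigned op = code[ip], m = ip + 1 < len ? code[ip + 1] : 0;
        if ((op == 0x31 || op == 0x89) && ip + 1 < len && (m >> 6) == 3) {   /* xor/mov r32, r32 */
            if (op == 0x31) s.r[m & 7] ^= s.r[(m >> 3) & 7]; else s.r[m & 7] = s.r[(m >> 3) & 7];
            ip += 2;
        } else if (op >= 0x50 && op <= 0x57) { push32(&s, s.r[op - 0x50]); ip += 1; }     /* push r32 */
        else if (op == 0x68 && ip + 4 < len) { push32(&s, le32(code + ip + 1)); ip += 5; } /* push imm32 */
        else if (op == 0x99) { s.r[EDX] = (s.r[EAX] & 0x80000000u) ? 0xffffffffu : 0; ip += 1; } /* cdq */
        else if (op >= 0xb0 && op <= 0xb3 && ip + 1 < len) {                    /* mov al/cl/dl/bl, imm8 */
            s.r[op - 0xb0] = (s.r[op - 0xb0] & ~0xffu) | m; ip += 2;
        } else if (op == 0xcd && m == 0x80 && ip + 1 < len) {                   /* int 0x80 */
            out.sysno = s.r[EAX];
            if (out.sysno == 11) {
                uint32_t off = s.r[EBX] - SIM_BASE;
                for (size_t n = 0; off + n < SIM_STACK && n < sizeof out.path - 1 && s.stack[off + n]; n++)
                    out.path[n] = (char)s.stack[off + n];
                while (out.argc < 8 && rd32(&s, s.r[ECX] + 4u * (uint32_t)out.argc) != 0) out.argc++;
                out.envp = s.r[EDX];
            }
            out.ok = !s.fault;
            return out;
        } else return out;                                   /* unsupported opcode: ok stays 0 */
    }
    return out;
}
/* 1 = page holding p is executable, 0 = mapped without x, -1 = unmapped or no /proc/self/maps */
int region_is_executable(const void *p) {
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    unsigned long lo, hi, target = (unsigned long)(uintptr_t)p;
    char perms[8], line[512]; int rc = -1;
    while (fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx %7s", &lo, &hi, perms) == 3 && target >= lo && target < hi) {
            rc = perms[2] == 'x'; break;
        }
    fclose(f);
    return rc;
}
int main(void) {
    struct exec_summary e = trace_shellcode(kShellcode, sizeof kShellcode);
    printf("payload: syscall %u, path \"%s\", argc %d, envp %u, ok %d\n", e.sysno, e.path, e.argc, e.envp, e.ok);
    char buf[sizeof kShellcode];                 /* same placement as the lab program */
    memcpy(buf, kShellcode, sizeof buf);
    printf("stack buffer executable: %d\n", region_is_executable(buf));
    void *rwx = mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (rwx != MAP_FAILED) { printf("RWX mapping executable: %d\n", region_is_executable(rwx)); munmap(rwx, 4096); }
    return 0;                                    /* the i386 payload is deliberately never called */
}
```

Build with gcc -Wall trace.c && ./a.out. The first line confirms the bytes are a clean execve("/bin//sh", {"/bin//sh", NULL}, NULL); on a kernel and toolchain that give the process a non-executable stack the second line prints 0 and the third prints 1, which is the distinction a backtrace pointing at buf does not make on its own. Marking the stack executable at link time (the GNU ld option -z execstack) turns the buffer's mapping into rwxp, and on a 64-bit host the lab program additionally has to be built as a 32-bit binary (-m32) for int 0x80 shellcode to mean anything.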
