Reputation: 1
I have an assignment to use a buffer overflow (required) to reach another function:

    #include <stdio.h>

    struct name {
        char name[10];
    };

    void func1() {
        printf("1");
        return;
    }

    struct name setup() {
        struct name n;
        scanf("%s", n.name);   /* unbounded read into a 10-byte buffer */
        return n;
    }

    int main() {
        struct name n = setup();
        printf("%s\n", n.name);
        return 0;
    }

I found that buf begins at address 0x7fffffffe210 and the address of function func1 is 0x5555555551b1, but I don't know where $rip is, so I don't know how much padding is needed.

I also tried with lldb on my Mac and the issue is the same. I know the function address but I don't know the address of pc.

func1 address is 0x5555555551b1
func2 address is 0x5555555551c3
buf starts at 0x7fffffffe210

I have tried to modify the $rip value and then traverse all registers, but I did not find any register with this value. :(

Call func1 by using a buffer overflow. Only use user input to call it. The program will need to print 1 and the value of n.name.
Upvotes: 0
Views: 12
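
For contrast with the assignment's deliberately unbounded scanf("%s", n.name), here is an added example (not part of the original post) of a bounded read into the same 10-byte struct that rejects over-long input instead of writing past the buffer. The names NAME_LEN, read_name and read_name_str are hypothetical, and any input passed to read_name_str is constructed sample data.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define NAME_LEN 10                 /* buffer size from the post */

struct name { char name[NAME_LEN]; };

/* read_name (hypothetical helper): read one whitespace-delimited token.
 * Returns 0 on success, -1 on EOF before any token, -2 if the token
 * does not fit in NAME_LEN - 1 bytes (it is consumed and rejected). */
int read_name(FILE *in, struct name *out)
{
    size_t len = 0;
    int c;
    memset(out->name, 0, sizeof out->name);
    while ((c = fgetc(in)) != EOF && isspace(c))
        ;                           /* skip leading whitespace, as %s does */
    if (c == EOF) return -1;
    do {
        if (len == NAME_LEN - 1) {  /* no room left for the terminator */
            while ((c = fgetc(in)) != EOF && !isspace(c))
                ;                   /* drain the rest of the long token */
            memset(out->name, 0, sizeof out->name);
            return -2;
        }
        out->name[len++] = (char)c;
    } while ((c = fgetc(in)) != EOF && !isspace(c));
    return 0;                       /* buffer was zeroed, so it is terminated */
}

/* read_name_str (hypothetical): run read_name over a constructed string. */
int read_name_str(const char *text, struct name *out)
{
    FILE *f = tmpfile();
    if (!f) return -3;
    fputs(text, f);
    rewind(f);
    int rc = read_name(f, out);
    fclose(f);
    return rc;
}

int main(void)
{
    struct name n;
    if (read_name(stdin, &n) != 0)
        return 1;                   /* reject instead of overflowing */
    printf("%s\n", n.name);
    return 0;
}
```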