Lesson 9: Introduction to Buffer Overflows

This is a great resource explaining what buffer overflows are: https://youtu.be/1S0aBV-Waeo


Exercise

  1. In addition to the reference above, learn how to exploit buffer overflows from [this video](https://www.safaribooksonline.com/library/view/security-penetration-testing/9780134833989/sptt_00_10_02_00.html) and from what you learned during the live training demonstration.

  2. Use and modify the following code:

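```c
#include <stdio.h>

/* Never called by the program itself; reaching it is the goal of the exercise. */
void omarSecretFunction()
{
    printf("Omar's Crappy Function\n");
    printf("This is a super secret function!\n");
}

void echo()
{
    char buffer[20];

    printf("Please enter your name:\n");
    /* Intentionally vulnerable: "%s" has no field width, so input longer
       than 19 characters is written past the end of buffer. */
    scanf("%s", buffer);
    printf("You entered: %s\n", buffer);
}

int main()
{
    echo();

    return 0;
}
```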

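The char buffer[20]; is a really bad idea here: scanf("%s", buffer) reads a string of any length into it, so any input longer than 19 characters is written past the end of the buffer and over adjacent stack data.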

  3. Compile this into a 32-bit binary:

If you are using a 32-bit system, it can be as easy as:

```
gcc vuln.c -o vuln -fno-stack-protector
```

On a 64-bit system use:

```
gcc vuln.c -o vuln -fno-stack-protector -m32
```

-fno-stack-protector disables stack protection, and -m32 forces compilation as a 32-bit binary.

Note: Additional libraries may be needed in order for you to compile 32-bit binaries on 64-bit machines. It all depends on your machine.

  4. Use edb --run <the_name_of_your_binary> to debug the code and try to create a payload that will invoke omarSecretFunction().

You can use tools like msfvenom to generate shellcode.
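For comparison with the vulnerable echo() in step 2, here is a bounded version (an added example, not part of the original lesson). The names read_name, echo_safe and BUF_SIZE are assumptions made for this example. The read can never write more than sizeof buffer bytes, and over-long input is detected and discarded instead of landing on the stack.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 20  /* same size as buffer[] in the lesson's echo() */

/* Hypothetical helper (not in the lesson): read one line from `in` into
 * `buf`, never writing more than `size` bytes.
 * Returns 0 if the whole line fit, 1 if it was truncated, -1 on EOF/error. */
int read_name(FILE *in, char *buf, size_t size)
{
    if (size == 0 || fgets(buf, (int)size, in) == NULL)
        return -1;

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';          /* complete line: strip the newline */
        return 0;
    }

    /* No newline stored: the line ended at EOF or was longer than buf. */
    int c, truncated = 0;
    while ((c = fgetc(in)) != EOF && c != '\n')
        truncated = 1;                /* discard the rest of the long line */
    return truncated;
}

/* Bounded replacement for the lesson's echo(). */
int echo_safe(FILE *in)
{
    char buffer[BUF_SIZE];

    printf("Please enter your name:\n");
    int rc = read_name(in, buffer, sizeof buffer);
    if (rc < 0)
        return rc;
    if (rc == 1)
        printf("Input too long, truncated to %zu characters.\n",
               sizeof buffer - 1);
    printf("You entered: %s\n", buffer);
    return rc;
}

int main(void)
{
    return echo_safe(stdin) < 0;
}
```

Building this without -fno-stack-protector (or with -fstack-protector-strong) adds the compiler's stack canary as a second layer of defence.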

