UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

 UGN Security Store
 

Network Sites UGN Security, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
You are not logged in. [Log In] UGN Security Forums » Forums » UGN Security: Knowledge Base » Programming
      » C/C++ » A simple buffer overflow
Register User    Portal Page     Forum List        Calendar     Active Topics     FAQ
December
Su M Tu W Th F Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31
Our Sponsors


Latest Postings
My friend NEEDS your HELP!
by Gizmo
11/26/08 12:21 AM
Useful PHP Functions & Code
by Gizmo
11/13/08 09:25 PM
UBBCode Tags
by Gizmo
11/13/08 09:25 PM
Topic Options
Rate This Topic
#17205 - 05/01/04 01:31 AM A simple buffer overflow
newblet Offline
Junior Member

Registered: 04/30/04
Posts: 2
Loc: USA
Hey,
I'm not sure if this should go in this forum or somewhere else, but here goes. I need some help writing a buffer overflow for a setuid binary. It basically allocates 256 bytes for a buffer and calls scanf(%s,buffer). I know that this function is exploitable, but I can't figure out how to send my shellcode+ret into the program.
Someone want to help me out? How do I get the program to read my overflow code?

Thanks

Top
Our Sponsors
Sponsor Our Sponsors

 Sponsor Advertisements help keep UGN Security Online.



Support UGN Security by Purchasing our Sponsors Products.
Top  
#17206 - 05/04/04 03:25 AM Re: A simple buffer overflow
UndeadBob Offline
Junior Member

Registered: 06/11/02
Posts: 62
Loc: UK
understand assembly and how the code works the cpu. then you shall have your answer...
_________________________
"Mrs. Jones, I'm sorry to inform you, but we've run the tests, and it appears that you have XP. Now don't cry - it's bad, but it's not a death sentence. Modern science has advanced in recent years, and it's now possible to live a reasonably happy life with XP. And there's a survivor's group that you'll want to meet as well."

Top
#17207 - 05/13/04 04:03 AM Re: A simple buffer overflow
newblet Offline
Junior Member

Registered: 04/30/04
Posts: 2
Loc: USA
Ummm...sorry, but that wasn't very helpful; I already know how everything about the overflows works. I already have the program that creates an environment variable containing the string that will spawn my shell. I can use it to spawn a shell from a program that uses strcpy() and receives the string from a parameter. I just don't know how to make a program that uses stdin instead of parameters. I've already tried sending my string into a file and dumping the file in. I've also tried echoing the variable and using | to send it into the program. Could the return address be different because of the scanf()?

Edit: spelling

Top
#17208 - 05/18/04 05:17 PM Re: A simple buffer overflow
sinetific Offline
nobody

Registered: 03/02/02
Posts: 815
Loc: Ann Arbor
You can use a debugger to find the return address

Top



Featured Member
Registered: 03/03/02
Posts: 23
Forum Stats
6889 Members
44 Forums
11030 Topics
45809 Posts

Max Online: 677 @ 06/30/07 10:06 PM
Top Posters
Gizmo 6958
UGN Security 4080
§intå× 3252
IceMyst 1449
SilentRage 1273
Ice 1146
pergesu 1134
Infinite 1039
jonconley 954
Girlie 903
Newest Members
lucky vin, prEttyNDistress, AndrewKlilly, border, f4k3m3
6889 Registered Users
Who's Online
0 registered (), 6 Guests and 7 Spiders online.
Key: Admin, Global Mod, Mod
Latest News
Update Humpday - Sept 26, 2008
by Gizmo
11/28/08 03:39 AM
Happy Holidays!
by Gizmo
11/27/08 09:09 AM
New Mailing
by Gizmo
11/24/08 01:30 PM
A special update...
by Gizmo
11/24/08 01:10 PM
Required Reading Update...
by Gizmo
11/07/08 11:36 AM
Privacy statement · Mark all read
Contact Us · UGN Security · Top


Donate
   Get Firefox!
Get FireFox!