UGN Security
Posted By: sleepigrl help? - 11/27/02 09:31 PM
As part of a class project I need to write an exploit for the read below:

Code
unsigned char data[200];
int i,j,n;
 
n=open(filename, O_RDONLY);
 
i=-1;
do{
i++;
j=read(n,data+i,1);
}while(j>0);
I have the binary code for NOP/open a shell/etc, but I can't figure out how to store it correctly in data since I have to read from a file - It ends up stored as ascii characters, having different values from what I need.

Any help would be appreciated.
Posted By: CyberNerd Re: help? - 11/28/02 01:34 AM
isnt this what they would call cheating...
(i couldnt help you anyway)
Posted By: SilentRage Re: help? - 11/28/02 03:22 PM
Are you trying to get a buffer overflow with that? seems you're reading characters from a file one at a time into the data buffer. If you read over 200 bytes, then possibly the data in the file after 200 bytes could be shell code and somehow get it executed. But anyway, that seems awefully vague.
© UGN Security Forum