Security Basics mailing list archives
Re: hey the stack overflow solve !!!!!!! !!
From: gaurav saha <gauravsaha007 () yahoo com>
Date: Sat, 27 Jan 2007 21:26:19 -0800 (PST)
I already knew that, and stopped it.
[root@winmitm ~]# cat a.c
int main()
{
char buf[8];
printf("%p\n",&buf);
}
[root@winmitm ~]# cat b.c
int main()
{
char buf[8];
printf("%p\n",&buf);
}
[root@winmitm ~]# gcc a.c -o a.out
a.c: In function ‘main’:
a.c:4: warning: incompatible implicit declaration of built-in function ‘printf’
[root@winmitm ~]# gcc b.c -o b.out
b.c: In function ‘main’:
b.c:4: warning: incompatible implicit declaration of built-in function ‘printf’
[root@winmitm ~]# ./a.out ; ./b.out
0xbff8121c
0xbf8447ec
[root@winmitm ~]# ./a.out ; ./b.out
0xbf85f0cc
0xbffcbecc
[root@winmitm ~]# ./a.out ; ./b.out
0xbf8584ec
0xbfa1675c
[root@winmitm ~]# sysctl -A | grep kernel | grep randomi | grep va
kernel.randomize_va_space = 1
[root@winmitm ~]# sysctl -w kernel.randomize_va_space=0
kernel.randomize_va_space = 0
[root@winmitm ~]# ./a.out ; ./b.out
0xbfffe9fc
0xbfffe9fc
[root@winmitm ~]# ./a.out ; ./b.out
0xbfffe9fc
0xbfffe9fc
[root@winmitm ~]# ./a.out ; ./b.out
0xbfffe9fc
0xbfffe9fc
[root@winmitm ~]#
So now what do you suggest I do?
The EIP is not getting overwritten; at most, EIP = 0x00919191.
info reg shows that; info frame shows you only some of the critical registers.
How do I solve the problem?
Please suggest.
=====code====
#include <string.h>

int main(int ac, char **av)
{
    char buffer[1024];      /* fixed-size stack buffer (the posted line lacked the type) */
    strcpy(buffer, av[1]);  /* unbounded copy of argv[1]: the overflow under discussion */
    return 0;
}
===end of code====
Can someone please help me with this?
Thanks
---gaurav
--- 홍성희 <awsedr17 () naver com> wrote:
Your OS is Fedora Core 3.
Fedora Core 3 has a randomized stack.
--
(gdb) br main
Breakpoint 1 at 0x804836e
(gdb) r xxxx
Starting program: /var/tmp/strcpy xxxx
(no debugging symbols found)...(no debugging symbols found)...
Breakpoint 1, 0x0804836e in main ()
(gdb) x/x $ebp
0xfeefcb78: 0xfeefcbd8
(gdb) x/x $esp
0xfeefcb70: 0x00000000
(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /var/tmp/strcpy xxxx
(no debugging symbols found)...(no debugging symbols found)...
Breakpoint 1, 0x0804836e in main ()
(gdb) x/x $ebp
0xfef34f08: 0xfef34f68
(gdb) x/x $esp
0xfef34f00: 0x00000000
(gdb)
--
[root@localhost test]# cat test.c
int main()
{
char buf[8];
printf("%p\n",&buf);
}
[root@localhost test]# cat test1.c
int main()
{
char buf[8];
printf("%p\n",&buf);
}
[root@localhost test]# ./test ; ./test1
0xfefe1910
0xfefd5a40
[root@localhost test]# ./test ; ./test1
0xfefb5360
0xfef21490
[root@localhost test]# ./test ; ./test1
0xfeedeb10
0xfef0f750
[root@localhost test]# ./test ; ./test1
0xfefd32d0
0xfefe53a0
[root@localhost test]# ./test ; ./test1
0xfef096f0
0xfeea1860
[root@localhost test]# ./test ; ./test1
0xfee0b210
0xfefb5750
[root@localhost test]#
Do you understand???
haha
Hey, add my MSN:
fentatonic () hotmail com
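Editor's added example, not code from either poster: a C model of the frame that the posted strcpy() program builds on 32-bit x86, used to show which bytes of an overlong argument reach the saved return address. On a little-endian host, a saved EIP of 0x00919191 is exactly what strcpy() leaves when an argument made of 0x91 bytes ends three bytes into the return address: the fourth byte is the copied NUL terminator. So the argument has to extend at least four bytes past the offset of the return address, and a target address containing a 0x00 byte cannot be delivered whole through strcpy(). The buffer-to-EIP offset of 1028 used here assumes no padding between buffer, saved EBP and return address; gcc commonly pads or realigns the frame, so the real offset is measured in gdb on the actual binary (as the quoted x/x $ebp and x/x $esp session starts to do), not taken from this model. ORIG_RET and the sample saved EBP are made-up placeholders.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_SIZE 1024
/* Placeholder return address (assumed, not from the thread). */
#define ORIG_RET 0x0804841du

/* Model of main()'s frame on 32-bit x86 with frame pointers, lowest address
 * first: the local buffer, the saved EBP, the return address that 'ret' pops
 * into EIP, then one word of the caller's data (argc). Assumed: no compiler
 * padding between members; a real gcc build may insert some. */
struct frame {
    char     buffer[BUF_SIZE];
    uint32_t saved_ebp;
    uint32_t saved_eip;
    uint32_t above_ret;
};

static struct frame make_frame(void)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    f.saved_ebp = 0xbfffea28u;  /* assumed sample value */
    f.saved_eip = ORIG_RET;
    f.above_ret = 1;            /* argc */
    return f;
}

/* strcpy(buffer, arg) as the posted program performs it, minus the undefined
 * behaviour: strlen(arg)+1 bytes (terminator included) land at buffer.
 * Returns the byte count, or -1 if the copy would run off the modelled frame
 * (the real program would simply keep smashing). */
int simulate_strcpy(struct frame *f, const char *arg)
{
    size_t n = strlen(arg) + 1;
    if (n > sizeof *f)
        return -1;
    memcpy((unsigned char *)f, arg, n);  /* buffer is at offset 0 */
    return (int)n;
}

/* Distance from the start of buffer to the saved return address. */
size_t offset_to_eip(void)
{
    return offsetof(struct frame, saved_eip);
}

/* Saved EIP after copying 'len' bytes all equal to 'fill' (0 if the argument
 * does not fit the model). Little-endian host assumed, as on x86. */
uint32_t eip_after_overflow(size_t len, unsigned char fill)
{
    struct frame f = make_frame();
    char *arg = malloc(len + 1);
    uint32_t eip;
    if (arg == NULL)
        abort();
    memset(arg, fill, len);
    arg[len] = '\0';
    eip = simulate_strcpy(&f, arg) < 0 ? 0 : f.saved_eip;
    free(arg);
    return eip;
}

/* The classic argument: filler up to the return address, then the target in
 * little-endian order. Returns the resulting saved EIP, or 0 when the target
 * contains a 0x00 byte, which strcpy() would take as the end of the string. */
uint32_t eip_after_target(uint32_t target)
{
    struct frame f = make_frame();
    size_t off = offset_to_eip();
    unsigned char le[4];
    char *arg;
    uint32_t eip;
    int i;
    for (i = 0; i < 4; i++) {
        le[i] = (unsigned char)((target >> (8 * i)) & 0xffu);
        if (le[i] == 0)
            return 0;
    }
    arg = malloc(off + 4 + 1);
    if (arg == NULL)
        abort();
    memset(arg, 'A', off);
    memcpy(arg + off, le, 4);
    arg[off + 4] = '\0';
    eip = simulate_strcpy(&f, arg) < 0 ? 0 : f.saved_eip;
    free(arg);
    return eip;
}

int main(void)
{
    printf("buffer -> saved EIP offset: %zu bytes\n", offset_to_eip());
    printf("1031 x 0x91: EIP = 0x%08x\n", (unsigned)eip_after_overflow(1031, 0x91));
    printf("1032 x 0x91: EIP = 0x%08x\n", (unsigned)eip_after_overflow(1032, 0x91));
    printf("target 0xbfffe9fc: EIP = 0x%08x\n", (unsigned)eip_after_target(0xbfffe9fcu));
    printf("target 0x08048400: EIP = 0x%08x (NUL byte, undeliverable)\n",
           (unsigned)eip_after_target(0x08048400u));
    return 0;
}
```

With kernel.randomize_va_space=0, as in the session above, the stack address printed by a.out stays at 0xbfffe9fc across runs, which is the kind of fixed value eip_after_target() is built to deliver; with randomization on, that address moves every run and a hard-coded target misses.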
