Security Basics mailing list archives
Re: hey the stack overflow solve !!!!!!! !!
From: gaurav saha <gauravsaha007 () yahoo com>
Date: Sat, 27 Jan 2007 21:26:19 -0800 (PST)
I already knew that, and stopped it:

[root@winmitm ~]# cat a.c
int main()
{
char buf[8];
printf("%p\n",&buf);
}
[root@winmitm ~]# cat b.c
int main()
{
char buf[8];
printf("%p\n",&buf);
}
[root@winmitm ~]# gcc a.c -o a.out
a.c: In function ‘main’:
a.c:4: warning: incompatible implicit declaration of built-in function ‘printf’
[root@winmitm ~]# gcc b.c -o b.out
b.c: In function ‘main’:
b.c:4: warning: incompatible implicit declaration of built-in function ‘printf’
[root@winmitm ~]# ./a.out ; ./b.out
0xbff8121c
0xbf8447ec
[root@winmitm ~]# ./a.out ; ./b.out
0xbf85f0cc
0xbffcbecc
[root@winmitm ~]# ./a.out ; ./b.out
0xbf8584ec
0xbfa1675c
[root@winmitm ~]# sysctl -A | grep kernel | grep randomi | grep va
kernel.randomize_va_space = 1
[root@winmitm ~]# sysctl -w kernel.randomize_va_space=0
kernel.randomize_va_space = 0
[root@winmitm ~]# ./a.out ; ./b.out
0xbfffe9fc
0xbfffe9fc
[root@winmitm ~]# ./a.out ; ./b.out
0xbfffe9fc
0xbfffe9fc
[root@winmitm ~]# ./a.out ; ./b.out
0xbfffe9fc
0xbfffe9fc
[root@winmitm ~]#

So now what do you suggest I do? The EIP is not getting overwritten; at most EIP = 0x00919191. info reg shows that; info frame shows you only some of the critical registers. How do I solve the problem? Please suggest.

=====code====
#include <string.h>

int main(int ac, char **av)
{
    char buffer[1024];      /* fixed-size stack buffer */
    strcpy(buffer, av[1]);  /* unbounded copy of argv[1]: the overflow under discussion */
    return 0;
}
===end of code====

Can someone please help me with this... thx

---gaurav

--- È«¼ºÈñ <awsedr17 () naver com> wrote:
Your OS is Fedora Core 3. Fedora Core 3 has a randomized stack:

--
(gdb) br main
Breakpoint 1 at 0x804836e
(gdb) r xxxx
Starting program: /var/tmp/strcpy xxxx
(no debugging symbols found)...(no debugging symbols found)...
Breakpoint 1, 0x0804836e in main ()
(gdb) x/x $ebp
0xfeefcb78: 0xfeefcbd8
(gdb) x/x $esp
0xfeefcb70: 0x00000000
(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /var/tmp/strcpy xxxx
(no debugging symbols found)...(no debugging symbols found)...
Breakpoint 1, 0x0804836e in main ()
(gdb) x/x $ebp
0xfef34f08: 0xfef34f68
(gdb) x/x $esp
0xfef34f00: 0x00000000
(gdb)
--

[root@localhost test]# cat test.c
int main() { char buf[8]; printf("%p\n",&buf); }
[root@localhost test]# cat test1.c
int main() { char buf[8]; printf("%p\n",&buf); }
[root@localhost test]# ./test ; ./test1
0xfefe1910
0xfefd5a40
[root@localhost test]# ./test ; ./test1
0xfefb5360
0xfef21490
[root@localhost test]# ./test ; ./test1
0xfeedeb10
0xfef0f750
[root@localhost test]# ./test ; ./test1
0xfefd32d0
0xfefe53a0
[root@localhost test]# ./test ; ./test1
0xfef096f0
0xfeea1860
[root@localhost test]# ./test ; ./test1
0xfee0b210
0xfefb5750
[root@localhost test]#

Do you understand??? haha. Hey, add my MSN: fentatonic () hotmail com
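The thread turns on two things: whether the kernel is randomizing the stack (the kernel.randomize_va_space knob toggled above with sysctl) and the fact that strcpy() in the posted program copies argv[1] with no length check. The program below is an added example written for this archive page, not code from either poster. It reads the same knob the thread toggles from /proc/sys/kernel/randomize_va_space (the file the sysctl command writes), prints where its own stack buffer landed so repeated runs show whether addresses move, and places the unbounded strcpy() pattern from the post next to a bounded copy that refuses oversized input instead of writing past the buffer. The function names aslr_state, copy_arg_unbounded and copy_arg_bounded are my own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_SIZE 1024

/* Reads the ASLR knob from the thread (kernel.randomize_va_space).
 * Linux documents 0 = off, 1 = stack/mmap/vdso randomized, 2 = brk too.
 * Returns -1 when the file cannot be read (non-Linux host, restricted /proc). */
int aslr_state(void)
{
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    int value = -1;
    if (f == NULL)
        return -1;
    if (fscanf(f, "%d", &value) != 1)
        value = -1;
    fclose(f);
    return value;
}

/* The pattern from the posted code: strcpy() stops only at the source's
 * NUL byte, so any argument of BUF_SIZE or more bytes writes past buffer.
 * Kept here only for side-by-side comparison; never called on untrusted input. */
void copy_arg_unbounded(char *buffer, const char *arg)
{
    strcpy(buffer, arg);
}

/* Hardened form: check the length (including the terminating NUL) before
 * copying. Returns 0 on success, -1 when the argument is rejected; on
 * rejection buffer is left as an empty string rather than silently truncated. */
int copy_arg_bounded(char *buffer, size_t buffer_size, const char *arg)
{
    size_t n = strlen(arg);
    if (n >= buffer_size) {
        buffer[0] = '\0';
        return -1;
    }
    memcpy(buffer, arg, n + 1);
    return 0;
}

int main(int ac, char **av)
{
    char buffer[BUF_SIZE];
    int aslr = aslr_state();

    if (aslr < 0)
        printf("kernel.randomize_va_space: unknown (not Linux or /proc unreadable)\n");
    else
        printf("kernel.randomize_va_space = %d (0 = off, 1 = stack/mmap, 2 = also brk)\n", aslr);

    /* With randomization on, this address changes between runs, as in the thread. */
    printf("stack buffer at %p\n", (void *)buffer);

    if (ac < 2) {
        fprintf(stderr, "usage: %s <string>\n", av[0]);
        return 1;
    }
    if (copy_arg_bounded(buffer, sizeof buffer, av[1]) != 0) {
        fprintf(stderr, "rejected: %zu-byte argument does not fit in %d bytes\n",
                strlen(av[1]), BUF_SIZE);
        return 2;
    }
    printf("copied %zu bytes within bounds\n", strlen(buffer));
    return 0;
}
```

Run it twice with a short argument to see the stack address move (or stay fixed after sysctl -w kernel.randomize_va_space=0, as in the thread), then once with an argument of 1024 bytes or more to see the bounded copy reject it where the posted strcpy() would have overrun the buffer.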