Vulnerability Development mailing list archives
Re: Studying buffer overflows [maybe OT]
From: circut <circut () TheSocket remoteserver org>
Date: Fri, 5 Apr 2002 00:45:32 -0600 (CST)
On Mon, 8 Apr 2002, darko wrote:
> Hi all,
> I've started to study buffer overflows. I wrote the following code:
>
> void f() {
>     char a[4];
>     int *b;
>     b = a + 0x8;
>     (*b) += 0x8;
> }
>
> main() {
>     int x;
>     x = 0;
>     f();
>     x = 1;
>     printf("%d\n", x);
> }
>
> I want, after the call to f(), the program to jump to printf() so the
> value of x should remain 0, not 1. I always get segmentation faults,
> bus errors, etc. and never that fuc*ing "x = 0" !!
> Tested on a Celeron 433, Red Hat 7.2, gcc 2.96.
>
> byez
> darko

Hrmm. I think you need to check out that nice paper from Mixer. It shows some nice stuff like that. "Writing buffer overflow exploits - a tutorial for beginners" is the name of it, and since I'm nice here's a link:

http://members.tripod.com/mixtersecurity/papers.html

Link is prolly old and outdated, so if it's gone don't ask where you can find it. Search. And good luck with those buffer overflows. They are nice, but VERY hard to get the hang of, that is if you don't have a vast knowledge of Memory. So yea, TIP: LEARN ALL ABOUT MEMORY

Later.

:~Short_Circut~:
TheSocket.remoteserver.org - Get plugged in.
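
Added example, not part of either post: the quoted code assumes the saved return address sits exactly 8 bytes above `a`, but the compiler chooses that distance, so it changes with compiler version and options. This C sketch measures it for the current build; it needs GCC or Clang builtins, assumes the x86 frame layout, and the names `measure_layout` and `guess_matches` are illustrative.

```c
/* Added example: measure where a 4-byte local lands relative to the
 * frame address, instead of assuming a + 8 as the quoted code does.
 * Needs GCC or Clang (__builtin_frame_address). Names are illustrative. */
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

struct layout {
    long buf_to_frame;  /* bytes from &a[0] to the frame address */
    long buf_to_ret;    /* x86 assumption: return slot is one pointer above */
};

__attribute__((noinline))
struct layout measure_layout(void)
{
    volatile char a[4];          /* same size as the buffer in the post */
    struct layout out;

    a[0] = 0;                    /* force the array to live on the stack */
    uintptr_t frame = (uintptr_t)__builtin_frame_address(0);
    uintptr_t buf   = (uintptr_t)&a[0];

    /* Integer arithmetic avoids subtracting unrelated pointers. */
    out.buf_to_frame = (long)(intptr_t)(frame - buf);
    out.buf_to_ret   = out.buf_to_frame + (long)sizeof(void *);
    return out;
}

/* 1 if a hard-coded distance equals the measured one in this build. */
int guess_matches(long guess)
{
    return measure_layout().buf_to_ret == guess;
}

int main(void)
{
    struct layout l = measure_layout();

    printf("buffer -> frame address: %ld bytes\n", l.buf_to_frame);
    printf("buffer -> return slot:   %ld bytes (x86 layout assumed)\n",
           l.buf_to_ret);
    printf("a + 0x8 is the return slot here: %s\n",
           guess_matches(0x8) ? "yes" : "no");
    return 0;
}
```

Building it with different optimization levels or compilers and comparing the printed distances shows why a constant copied from a tutorial rarely matches a given binary.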