Vulnerability Development mailing list archives

Re: buffer overflow - fundamentals


From: honoriak <EGC () ARGEN NET>
Date: Wed, 7 Feb 2001 20:35:22 +0100

visi0n wrote:

        This is a heap overflow, look for traceroute advisory.
===============================================================================

It's a buffer overflow, not heap I think; in the source code I can see char
buff[2]; and not malloc() or new *char[2].. if it was C++.
A lot of good texts about buffer overflows and format bugs can be found at:

http://julianor.tripod.com by juliano rizzo from core SDI.

            -honoriak

visi0n
AUX Technologies
[www.aux-tech.net]

On Mon, 5 Feb 2001, adeon wrote:

Hello,

  I've wondered (I'm a beginner) how to make a buffer overflow
  exploit. So, let's say that I've got a suid program (compiled) and owned
  by root:

  //----- cut here
  #include <stdio.h>

  char buff[2];

  int main()
  {
        printf("Enter some letters:");
        scanf("%s",buff);
        return 0;
  }
  //---- cut here

  Can anyone explain to me how to make an exploit for it? Can anyone give
  some examples of exploits?


--
Best regards,
 adeon                         mailto:adeon () dino open net pl
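
The posted program reads with an unbounded `%s` into a two-byte buffer, so any input longer than one letter is written past the end of `buff`. As an added example (not part of the original messages), here is a bounded replacement for that read that rejects over-long input; `read_letters`, `read_from_text` and the status names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

enum read_status { READ_OK, READ_TOO_LONG, READ_EOF };  /* hypothetical names */

/* Read one line from `in` into dst without ever writing past dst[cap-1].
 * Input that does not fit is rejected and the rest of the line is drained,
 * so it cannot spill into adjacent memory or into the next read. */
enum read_status read_letters(FILE *in, char *dst, size_t cap)
{
    if (cap == 0)
        return READ_EOF;                      /* no room to store anything */
    if (fgets(dst, (int)cap, in) == NULL) {   /* stores at most cap-1 chars + NUL */
        dst[0] = '\0';
        return READ_EOF;
    }
    size_t len = strlen(dst);
    if (len > 0 && dst[len - 1] == '\n') {    /* whole line fit */
        dst[len - 1] = '\0';
        return READ_OK;
    }
    int c = fgetc(in);                        /* look past what fgets took */
    if (c == EOF || c == '\n')
        return READ_OK;                       /* input exactly filled the buffer */
    while (c != EOF && c != '\n')             /* discard the oversized remainder */
        c = fgetc(in);
    dst[0] = '\0';
    return READ_TOO_LONG;
}

/* Helper for checks: feed constructed text through a temporary file. */
enum read_status read_from_text(const char *text, char *dst, size_t cap)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return READ_EOF;
    fputs(text, f);
    rewind(f);
    enum read_status st = read_letters(f, dst, cap);
    fclose(f);
    return st;
}

char buff[2];   /* same size as in the posted program: room for one letter */

int main(void)
{
    printf("Enter some letters:");
    if (read_letters(stdin, buff, sizeof buff) == READ_TOO_LONG)
        fputs("input too long\n", stderr);
    return 0;
}
```

A field width in the conversion, `scanf("%1s", buff)`, bounds the write the same way but leaves the excess input in the stream without reporting it.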


