Vulnerability Development mailing list archives
Re: argc issue
From: "mike davis" <lists () stonedcoder org>
Date: Thu, 25 May 2006 13:53:20 -0400
the trick here is to use a wrapper program to that calls the executable without *any arguments* including argv[0]
at that point argc == 0 argv[0] == NULL and argv[1] is somewhere in the the environmental variables..and.. as an asside, when playing wargames.. its usually best not to cheat or you really get nothing out of it.
-phar----- Original Message ----- From: <padre () correo ugr es>
To: <vuln-dev () securityfocus com> Sent: Tuesday, May 23, 2006 1:51 PM Subject: argc issue hi! i' ve a code thats looks like: ------------------- code ---------------------- int main (int argc, char **argv) { char *a; char *b; a=malloc(char *)(100); b=malloc(char *)(100); if (argc) exit (-1); else { strcpy(a,argv[1]); } free (a); return 0; } ---------------- code --------------------------- I contais an explotable heap overflow. I can overwrite b's chunk head so I can write into DTOR_END the addr i want. But the main issue is " if (argc) exit(0);" . How can I change the argc variable so it contais the value of 0?. thanks and srry for my poor english :(
Current thread:
- argc issue padre (May 25)
- RE: argc issue Chris Eagle (May 26)
- Re: argc issue 3APA3A (May 26)
- Re: argc issue Valdis . Kletnieks (May 26)
- Re: argc issue mike davis (May 26)
- Re: argc issue jlongs2 (May 29)