Posted: Fri Oct 16, 2009 8:19 pm Post subject: Problem carrying out a simple buffer overflow
Hi,
I would like to start learning about the nuts and bolts concerning Linux security. I bought the "Gray Hat Hacking" book by Harris et al. and started working at their example for buffer overflows but hit a bump immediately. Is this the right place to be discussing this sort of thing? If so, I give pertinent info below:
Program:
//overflow.c
#include <string.h>

int main(void)
{
    char str1[10];  // declare a 10-byte buffer
    // next, copy 35 bytes of "A" (plus the terminating NUL) into str1;
    // strcpy() does no bounds checking, so this overruns the buffer
    strcpy(str1, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    return 0;
}
gcc -ggdb -o overflow overflow.c
./overflow
resulted in the expected segmentation fault.
gdb -q overflow --> run
resulted in:
Starting program: /tmp/overflow
Program received signal SIGSEGV, Segmentation fault.
0x000000000040048f in main () at overflow.c:7
7 }
I was expecting something like 0x41414141 instead, i.e. the hex for ASCII 'A' is 0x41.
Also (gdb) info reg eip
resulted in:
Invalid register `eip'
The book suggested the following to disable Fedora's Address Space Layout Randomization:
echo "0" > /proc/sys/kernel/randomize_va_space
echo "0" > /proc/sys/kernel/exec-shield
echo "0" > /proc/sys/kernel/exec-shield-randomize
The first two commands executed but the last resulted in:
bash: /proc/sys/kernel/exec-shield-randomize: No such file or directory
Can anyone help me to understand what is going on?
Many thanks in advance,
M.
Personally, I suggest you consider an easier book like The Art of Exploitation (sold with a practice live distro for exercises), because Gray Hat Hacking is very tough for a beginner.
In any case, the examples are not working because you have a different architecture. I am not sure, but maybe there are some virtual machines that can emulate a 32-bit OS on a 64-bit OS.
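Added example (not from the original poster, the book or the reply): the posted overflow.c kept for comparison next to a bounds-checked copy, so the defect and its fix sit side by side. Two facts behind the poster's observations, stated here by the editor: on a 64-bit build the instruction pointer register is rip rather than eip, which is why gdb rejects `info reg eip`; and a return address made entirely of 0x41 bytes is not a canonical x86-64 address, so the fault is raised by main's own ret instruction (reported as overflow.c:7) before the register ever holds 0x41414141. The function names (vulnerable_copy, safe_copy, copy_into_stack_buffer, pointer_bits) and the test inputs are the editor's own constructions.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define BUF_SIZE 10

/* The posted program's defect, kept for comparison only: strcpy() copies
 * until the source's NUL and never consults the destination size, so the
 * 35 bytes of "A" from the post run past the 10-byte stack buffer.
 * Deliberately never called from main() or the checks below. */
void vulnerable_copy(const char *src)
{
    char str1[BUF_SIZE];
    strcpy(str1, src);   /* overflow whenever strlen(src) >= BUF_SIZE */
    (void)str1;
}

/* Hardened form: measure first, then refuse input that does not fit
 * together with its terminating NUL. Returns 0 on success, -1 if the
 * source is too long; nothing is written to dst on failure. */
int safe_copy(char *dst, size_t dst_size, const char *src)
{
    size_t n = strlen(src);
    if (dst_size == 0 || n >= dst_size)
        return -1;
    memcpy(dst, src, n + 1);   /* n + 1 includes the NUL */
    return 0;
}

/* Mirrors the posted layout (10-byte stack buffer) but uses the checked
 * copy. Returns the number of bytes stored, excluding the NUL, or -1 when
 * the input was rejected instead of overrunning the buffer. */
int copy_into_stack_buffer(const char *src)
{
    char str1[BUF_SIZE];
    if (safe_copy(str1, sizeof str1, src) != 0)
        return -1;
    return (int)strlen(str1);
}

/* Width of a code pointer in bits for this build: 64 on x86-64, where the
 * instruction pointer is rip, 32 on i386, where it is eip. */
int pointer_bits(void)
{
    return (int)(sizeof(void *) * 8);
}

int main(void)
{
    /* constructed input: the same 35-byte string the poster used */
    const char *long_input = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    printf("%d-bit build (instruction pointer is %s)\n",
           pointer_bits(), pointer_bits() == 64 ? "rip" : "eip");
    printf("short input stored: %d bytes\n", copy_into_stack_buffer("hello"));
    printf("35-byte input result: %d (rejected, no overflow)\n",
           copy_into_stack_buffer(long_input));
    return 0;
}
```

The check in safe_copy is the whole fix: the destination size becomes a parameter, and a source that would need more than dst_size bytes is refused before any byte is written, so the return address on the stack is never touched no matter how long the input is.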