Assignment Question
I am working on an assignment, its about stack smashing. The program accepts an input, and since the input is not being checked, our job is to exploit this vulnerability and pass address of a function (called smash() and is within the program). thought it looks simple but I haven't wasn't able to solve it. I looked online but couldn't find any helpful resources. I am using gdb's disassemble command to find out the address of the where the input is read into buffer, and tried to put the address of the smash function, but didn't get any result from that. I did something like this(./smash addressOfSmashFuncInHEXFormat). Can any one give some pointers on how to do it?
Program
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int smash() {
printf("You stack smashed!!!\n");
exit(-1);
}
char *getbuf(int n) {
char buff[4];
char *s = malloc(n+1);
printf("Enter string of size %d bytes: \n",n);
fgets(s,n+1,stdin);
strncpy(buff,s,n+1);
return s;
}
int main(int argc,char **argv) {
printf("In main string = %s\n",getbuf(atoi(argv[1])));
printf("No smashing done\n");
}
Aucun commentaire:
Enregistrer un commentaire