Vuln Dev
Learning buffer overflow help Jun 06 2007 07:30PM
erk_3 hotmail com (1 replies)
Hello everyone,

I have studied alot on buffer overflows and I understand the theory behind it. Thing is, any example I follow says once you can overwrite the EIP you can control the flow of the program (in a nutshell).

So here's my really basic BOF:

#include <stdio.h>

#include <string.h>

int main (int argc, char *argv[]) {

char name[4];

strcpy(name, argv[1]);

printf(name);

}

if you enter: 1234AAAABBBB the eip is 0x42424242

When i try to put in a return address though, such as 1234AAAA\xEE\xEE\xEE\xEE it doesnt go to that address. To my understanding, shouldn't the fault come up at address 0xEEEEEE ?

Sorry if this sounds stupid to some of you, but I think once i get around this little bump in the road I can be on my way.

Thanks for your help,

Eric

[ reply ]
Re: Learning buffer overflow help Jun 07 2007 02:56AM
Dude VanWinkle (dudevanwinkle gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus