All Questions
Tagged with buffer-overflow gdb
128 questions
0 votes, 1 answer, 88 views
Understanding buffer overflow output, when accessing the hidden function
Sorry if this is the wrong format. I'm currently doing a CTF and have a problem where I have to overflow a buffer, to get access to a /bin/sh hidden function, where I then can get a flag.
I think I ...
2 votes, 1 answer, 125 views
Buffer Overflow Exploit - Injecting Code & Redirecting Execution in Attack Lab (x86-64, GDB Debugging)
Here's a revised and well-structured Stack Overflow post incorporating all necessary improvements:
Buffer Overflow Exploit (x86-64, Attack Lab Phase 2) - Injecting Shellcode for Function Call
...
0 votes, 1 answer, 125 views
How is a heap overflow attack implemented?
I am learning about heap overflow attacks, but I am encountering a problem.
Based on the knowledge I found online and my own guesses, I believe that a heap overflow attack involves overwriting ...
0 votes, 1 answer, 114 views
Buffer Overflow strange behavior for RIP
I run a test in gdb to exploit a buffer overflow, when testing with:
(gdb) r $(python3 -c 'print(b"\x41"*152+"\x42"*6 )')
(gdb) i r
...
rbp 0x4141414141414141 ...
0 votes, 1 answer, 131 views
C strcat buffer overflow after hundreds of iterations [closed]
I have written a status bar utility in C for DWM to display the time, date, CPU temp, and battery level. I recently noticed the program had crashed and found that it had a coredump. I recompiled the ...
1 vote, 0 answers, 55 views
Buffer overflow with gdb: can't print to the stack to identify buffer start
I'm a student trying to solve an exercise for my cybersecurity course. It's the first time I get in contact with buffer overflows, gdb and so on, so not a lot of experience here. I was given a simple ...
1 vote, 1 answer, 208 views
Not getting the expected output when running a shell code in a buffer overflow
After finding the eip offset I'm trying to input some shell code to my program. With the following command run $(python -c 'print("A"*108 + "BBBB")') I get the following output
...
1 vote, 0 answers, 47 views
Not getting the same result from running a python script to generate a certain input string as I get when typing it myself
I have the following code and I'm trying to buffer overflow it.
#include <stdio.h>
#include <string.h>
int main(int argc, char** argv){
char buffer[10];
strcpy(buffer, argv[1]);
...
1 vote, 1 answer, 261 views
EIP doesn't get overwritten when performing a buffer overflow attack
I was watching this video on YouTube: https://www.youtube.com/watch?v=1S0aBV-Waeo and I was trying to do the same steps shown in the video, but I can't seem to overwrite the EIP. I don't know if it's ...
0 votes, 0 answers, 264 views
How do you enter hex values into a terminal program that is already running?
I am currently trying to debug a program in gdb, and I am at a point where the program takes user input. I want to enter hex values into this input to test out a buffer overflow for a CTF to send me ...
0 votes, 0 answers, 66 views
Segfault on jump/branch
I am currently playing around with heap exploitation and got a segfault which I don't understand at all. I would expect a segfault due to my heap overflow somewhere but I don't understand why it is ...
0 votes, 0 answers, 197 views
How do I pass a string with null bytes as an argument to a program while debugging in gdb
I'm a cs student learning about buffer overflow attacks and I'm trying to write a very specific string to overflow a test program so I can jump to an arbitrary address. The problem is that the address ...
1 vote, 1 answer, 1k views
How do I enable GDB/GEF to allow me to see how stack changes as I insert discrete input?
I am trying to identify the offset in which a buffer overflow occurs via pwntools and gdb. Here is the C code (x64):
int input[8];
int count, num;
count = 0;
while(1)
{
printf("Enter:\n&...
0 votes, 1 answer, 695 views
ret2libc attack MOVAPS segfault
I am trying to exploit a ret2libc vulnerable code in my own machine. Here is the source code.
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
...
0 votes, 1 answer, 88 views
How to exploit Lottery Game?
After exploiting this code and finding out if you enter 16 different digits
Output using exploit
I am trying to understand why this is the case. Is it because of the memory location?
#include <...