[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Buffer Overrun Newbie



On Sun, 5 Feb 2006 gj_williams2000@xxxxxxxxxxx wrote:

> I was messing about with my pc trying to learn how buffer overruns work
> (mostly as an excuse to use assembler) and I have run into a problem.
>
> The program I am exploiting is just a simple c program I wrote which
> mismanages a string provided by the user by copying it into a 512 byte
> variable on the stack without checking its length.

I suggest that you try learning about buffer overflows with something
slightly more simple.  It's my understanding that shellcode is actually
relatively difficult to write for Windows.

If you have experience with Linux, or another Unix OS, I would suggest
starting there.  If you don't want to install Linux, you can even run it
in Bochs, QEMU, VMWare, etc.

Start with a simple exploitable C program:

#include <stdio.h>

int main()
{
	char buf[512];
	gets(buf);
	return 0;
}

Try getting this to spawn a shell.  You can easily find shellcode on the
internet, or write your own.