Simple Buffer Overflow Tutorial

– Buffer Overflow Tutorial by Preddy - RootShell Security Group

Our vulnerable program:

– vuln-prog.c

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
 
int bof(char *string) {
 
  char buffer[1024];
 
  strcpy(buffer, string);
 
  return 1;
}
 
int main(int argc, char *argv[]) {
 
  bof(argv[1]);
  printf("Done..\n");
 
  return 1;
}

– vuln-prog.c

this program takes a user supplied string and copies it into ‘buffer’ which can hold 1024
bytes of data. if a user sends 1040 bytes which is more then 1024 bytes… it would
cause the buffer to be overflowwed and it would overwrite parts of memory…

lets compile our vulnerable program:

gcc vuln-prog.c -o vuln-prog

https://www.exploit-db.com/papers/13171