– Buffer Overflow Tutorial by Preddy - RootShell Security Group
Our vulnerable program:
– vuln-prog.c
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int bof(char *string) {
char buffer[1024];
strcpy(buffer, string);
return 1;
}
int main(int argc, char *argv[]) {
bof(argv[1]);
printf("Done..\n");
return 1;
}
– vuln-prog.c
this program takes a user supplied string and copies it into ‘buffer’ which can hold 1024
bytes of data. if a user sends 1040 bytes which is more then 1024 bytes… it would
cause the buffer to be overflowwed and it would overwrite parts of memory…
lets compile our vulnerable program:
gcc vuln-prog.c -o vuln-prog