Exploiting a simple stack-based buffer overflow
In this section, we will cover exploitation, which consists of writing a program or script that takes advantage of a vulnerability.
In this case, we will exploit our stack overflow sample application to execute arbitrary code on the system. The following code is what we want to exploit:
#include <string.h>

int main(int argc, char *argv[]) {
    char buffer[200];
    strcpy(buffer, argv[1]);  /* no length check: a long argv[1] overruns buffer */
    return 0;
}
Using the -m32 flag of the MinGW64 compiler, we compile the code for the x86 architecture:
C:\Users\virusito\vulns>gcc.exe stack_overflow.c -o stack_overflow.exe -m32
C:\Users\virusito\vulns>
Now, we can check that it works correctly when the first argument is short:
C:\Users\virusito\vulns>stack_overflow.exe AAAAAAAAAAAA
C:\Users\virusito\vulns>
Now, we can check that it works correctly when the first argument is short but crashes...
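For comparison, the following is an added example (not the book's code) that places the unchecked strcpy pattern from the sample above next to a hardened version that refuses any argument the 200-byte buffer cannot hold. The function names (copy_unchecked, safe_copy, handle_argument, try_length) and the status codes are assumptions made for this example; the buffer size matches the sample.

```c
/* Added example (not the book's code): the vulnerable strcpy pattern beside a
 * bounded variant. Names and return codes are assumptions for illustration. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_SIZE 200   /* same size as the sample's char buffer[200] */

/* Vulnerable pattern, kept only for comparison and never called here:
 * strcpy writes strlen(src)+1 bytes no matter how large dst is. */
void copy_unchecked(char *dst, const char *src) {
    strcpy(dst, src);
}

/* Bounded copy: returns 0 on success, -1 if src plus its NUL terminator
 * does not fit. dst is left untouched on failure. */
int safe_copy(char *dst, size_t dst_size, const char *src) {
    if (dst == NULL || src == NULL || dst_size == 0) return -1;
    size_t len = strlen(src);
    if (len >= dst_size) return -1;   /* len == dst_size leaves no room for NUL */
    memcpy(dst, src, len + 1);
    return 0;
}

/* Hardened equivalent of the sample's main(): 0 = copied, 1 = argument
 * missing, 2 = argument rejected because it exceeds BUF_SIZE - 1 bytes. */
int handle_argument(const char *arg) {
    char buffer[BUF_SIZE];
    if (arg == NULL) return 1;
    if (safe_copy(buffer, sizeof buffer, arg) != 0) return 2;
    /* buffer now holds a valid NUL-terminated string of at most 199 chars */
    return 0;
}

/* Boundary probe: build a constructed input of n copies of c and return the
 * status code handle_argument gives it (-1 if the allocation fails). */
int try_length(char c, size_t n) {
    char *s = malloc(n + 1);
    if (s == NULL) return -1;
    memset(s, c, n);
    s[n] = '\0';
    int rc = handle_argument(s);
    free(s);
    return rc;
}

int main(int argc, char *argv[]) {
    if (argc < 2) {
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 1;
    }
    int rc = handle_argument(argv[1]);
    if (rc == 2)
        fprintf(stderr, "rejected: argument longer than %d bytes\n", BUF_SIZE - 1);
    return rc;
}
```

Run the hardened build with the same twelve-character argument used above and it returns 0; feed it 199 characters and it still fits, while 200 or more are rejected with status 2 instead of being written past the end of the buffer. The check happens before any byte is copied, which is the property that makes the fix complete rather than a partial truncation.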