Vulnerability Development mailing list archives
Re: buffer overflow - fundamentals
From: honoriak <EGC () ARGEN NET>
Date: Thu, 8 Feb 2001 23:33:50 +0100

sorry. i don't see it very well :/ i thought that it was in main() because it was an example vulnerable program..

thz rpc

-honoriak

visi0n is correct. this is a heap overflow because the variable is global, thus
stored in the .bss section. this was probably not what the original author
intended.

--rpc

On Wed, 7 Feb 2001 20:35:22 +0100, honoriak said:

visi0n wrote:

> This is a heap overflow, look for traceroute advisory.
>

===============================================================================

it's a buffer overflow. not heap i think; in the source code i can see char
buff[2]; and not malloc() or new *char[2].. if it was c++.

a lot of good texts about buffer overflows and format bugs you can see at:
http://julianor.tripod.com by juliano rizzo from core SDI.

-honoriak

> visi0n
> AUX Technologies
> [www.aux-tech.net]
>
> On Mon, 5 Feb 2001, adeon wrote:
>
> > Hello ,
> >
> > I've wondered (I'm beginner) on how to make a buffer overflow
> > exploit. So, let's say that i've got suid program (compiled) and owned
> > by root:
> >
> > //----- cut here
> > #include <stdio.h>
> >
> > char buff[2];
> >
> > int main()
> > {
> >     printf("Enter some letters:");
> >     scanf("%s",buff);
> >     return 0;
> > }
> > //---- cut here
> >
> > Can anyone explain me how to make an exploit for it? Can anyone give
> > some example of exploits?
> >
> >
> > --
> > Best regards,
> > adeon mailto:adeon () dino open net pl
> >
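
Added example, not part of any message in this thread: a C sketch that checks which memory region the quoted `char buff[2]` occupies, compared with a stack local and a malloc() block, and shows a width-bounded replacement for `scanf("%s", buff)`. It assumes an ELF toolchain whose linker defines `__bss_start` and `_end` (GNU ld and lld do by default); `in_bss`, `local_in_bss`, `heap_in_bss` and `scan_word` are hypothetical helper names, and the input string is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: ELF target linked with GNU ld or lld, whose default linker
   script defines these symbols at the start of .bss and the end of the image. */
extern char __bss_start[], _end[];

char buff[2];   /* same declaration as in the quoted program */

/* Returns 1 if p points into the .bss range of this executable, else 0. */
int in_bss(const void *p) {
    uintptr_t a = (uintptr_t)p;
    return a >= (uintptr_t)__bss_start && a < (uintptr_t)_end;
}

/* The two other places the thread mentions: a stack local and a malloc() block. */
int local_in_bss(void) { char local[2] = {0}; return in_bss(local); }
int heap_in_bss(void) {
    char *h = malloc(2);
    int r = in_bss(h);
    free(h);
    return r;
}

/* Bounded form of scanf("%s", dst): a field width of cap-1 leaves room for
   the terminating NUL, so excess input stays unread instead of being written
   past dst. Parses from a string so the sample input can be embedded. */
int scan_word(const char *input, char *dst, size_t cap) {
    char fmt[32];
    if (cap < 2) return -1;                 /* no room for even one character */
    snprintf(fmt, sizeof fmt, "%%%zus", cap - 1);
    return sscanf(input, fmt, dst);         /* 1 on success, like scanf */
}

int main(void) {
    const char *sample = "AAAAAAAAAAAAAAAA\n";   /* constructed input */
    printf("buff   in .bss: %d\n", in_bss(buff));
    printf("local  in .bss: %d\n", local_in_bss());
    printf("malloc in .bss: %d\n", heap_in_bss());
    printf("fields read: %d, buff now \"%s\"\n",
           scan_word(sample, buff, sizeof buff), buff);
    return 0;
}
```

With a 2-byte buffer the generated format is `%1s`, so only one character plus the NUL is ever stored, whatever the length of the input.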