scarlet-oni/buffer-overflow-exploits
_______________________________________________________________________

ABOUT
_______________________________________________________________________

Description:   Using a buffer overflow exploit
Repository:    Buffer overflow exploits
GCC compiler:  14.2.0
Tested on:     Linux 6.11.2
Author:        scarlet-oni

_______________________________________________________________________

#1 EXAMPLE OWERFLOW
_______________________________________________________________________

gcc example_owerflow.c
./a.out <arg>

// buffer_1 is located in memory immediately after buffer_2,
// and 5 bytes are allocated for each of the two strings.
// If the input is longer than the first buffer, the extra bytes
// overwrite the variables that follow it, and starting from a certain
// size they cause the program to terminate.

// input 8 bytes
./a.out 12345678
---
[ BEFORE ] buffer_2 info: 0x7ffc9eb5b4d2 | str2
[ BEFORE ] buffer_1 info: 0x7ffc9eb5b4d7 | str1
[ BEFORE ] value info: 0x7ffc9eb5b4dc | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 8 bytes
[ AFTER ] buffer_2 info: 0x7ffc9eb5b4d2 | 12345678
[ AFTER ] buffer_1 info: 0x7ffc9eb5b4d7 | 678
[ AFTER ] value info: 0x7ffc9eb5b4dc | 5 (0x00000000)

// input 10 bytes
./a.out 1234567891
---
[ BEFORE ] buffer_2 info: 0x7ffe162329c2 | str2
[ BEFORE ] buffer_1 info: 0x7ffe162329c7 | str1
[ BEFORE ] value info: 0x7ffe162329cc | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 10 bytes
[ AFTER ] buffer_2 info: 0x7ffe162329c2 | 1234567891
[ AFTER ] buffer_1 info: 0x7ffe162329c7 | 67891
[ AFTER ] value info: 0x7ffe162329cc | 0 (0x00000000)

// input 15 bytes
./a.out 123456789123456
---
[ BEFORE ] buffer_2 info: 0x7ffd0e05b892 | str2
[ BEFORE ] buffer_1 info: 0x7ffd0e05b897 | str1
[ BEFORE ] value info: 0x7ffd0e05b89c | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 15 bytes
[ AFTER ] buffer_2 info: 0x7ffd0e05b892 | 123456789123456
[ AFTER ] buffer_1 info: 0x7ffd0e05b897 | 6789123456
[ AFTER ] value info: 0x7ffd0e05b89c | 892613426 (0x00000000)

// input 25 bytes
./a.out 123456789123456123456789
---
[ BEFORE ] buffer_2 info: 0x7fff97808d62 | str2
[ BEFORE ] buffer_1 info: 0x7fff97808d67 | str1
[ BEFORE ] value info: 0x7fff97808d6c | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 24 bytes
[ AFTER ] buffer_2 info: 0x7fff97808d62 | 123456789123456123456789
[ AFTER ] buffer_1 info: 0x7fff97808d67 | 6789123456123456789
[ AFTER ] value info: 0x7fff97808d6c | 892613426 (0x00000000)
zsh: segmentation fault (core dumped) ./a.out 123456789123456123456789

_______________________________________________________________________

#2 NOTE SEARCHER EXPLOIT
_______________________________________________________________________

// launch
gcc -o notesearcher.o note_searcher.c
gcc exploit_notesearcher.c
./a.out

// You can set the offset yourself
./a.out <your offset>

_______________________________________________________________________

LEGAL STATEMENT
_______________________________________________________________________

By downloading, modifying, redistributing, and/or executing
buffer-overflow-exploits, the user agrees to the LEGAL.txt statement
found in this repository. I, scarlet-oni, the creator, take no legal
responsibility for unlawful actions caused by or stemming from this
program. Use responsibly and ethically!
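The output in section #1 can be reproduced with a well-defined model of the frame, shown here as an added example that is not code from this repository. The names frame_t, unchecked_copy and checked_copy are hypothetical, the offsets 0, 5 and 10 are taken from the printed addresses, and a little-endian 32-bit value is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: buffer_2 at +0, buffer_1 at +5, value at +10,
 * matching the addresses ...d2, ...d7, ...dc printed in the README. */
enum { BUF_LEN = 5, OFF_BUF2 = 0, OFF_BUF1 = 5, OFF_VALUE = 10, FRAME_LEN = 32 };
typedef struct { unsigned char mem[FRAME_LEN]; } frame_t;

static void frame_init(frame_t *f) {
    int32_t five = 5;
    memset(f->mem, 0, sizeof f->mem);
    memcpy(f->mem + OFF_BUF2, "str2", BUF_LEN);
    memcpy(f->mem + OFF_BUF1, "str1", BUF_LEN);
    memcpy(f->mem + OFF_VALUE, &five, sizeof five);
}
static int32_t frame_value(const frame_t *f) {
    int32_t v;
    memcpy(&v, f->mem + OFF_VALUE, sizeof v);
    return v;
}
static const char *frame_buf1(const frame_t *f) {
    return (const char *)f->mem + OFF_BUF1;
}
/* What strcpy(buffer_2, arg) does: strlen(arg)+1 bytes, BUF_LEN ignored.
 * Clamped to the model frame so this demonstration stays well defined. */
static size_t unchecked_copy(frame_t *f, const char *arg) {
    size_t n = strlen(arg) + 1;
    if (n > FRAME_LEN - 1) n = FRAME_LEN - 1;
    memcpy(f->mem + OFF_BUF2, arg, n);
    return n;
}
/* Hardened form: reject input that does not fit, terminator included. */
static int checked_copy(frame_t *f, const char *arg) {
    size_t n = strlen(arg) + 1;
    if (n > BUF_LEN) return -1;
    memcpy(f->mem + OFF_BUF2, arg, n);
    return 0;
}
int main(void) {
    const char *inputs[] = { "12345678", "1234567891", "123456789123456" };
    for (size_t i = 0; i < 3; i++) {
        frame_t f;
        frame_init(&f);
        int rc = checked_copy(&f, inputs[i]); /* -1: rejected, frame untouched */
        unchecked_copy(&f, inputs[i]);
        printf("%-16s checked=%d buffer_1=%s value=%d\n",
               inputs[i], rc, frame_buf1(&f), (int)frame_value(&f));
    }
    return 0;
}
```

With the 15-byte input, bytes 10 to 13 of the argument ("2345") land on value, which is why it reads 892613426 (0x35343332).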