Learning gdb for Bufferoverflow on linux



Security tube smashing the stack part 1


Vulnerable code


#include <unistd.h>
#include <stdio.h>
GetInput()
{
   char buff[8];
   gets(buff);
   puts(buff);
}

int main()
{
   GetInput();
   return 0;
}


#way to compile
gcc -ggdb -mpreferred-stack-boundary=2 -o demo sec_tube.c

#way to overflow
printf "123456789abcdefgh" | ./demo



#GDB Commands
list  // to list the program
list 1 // to list first funcation
break 12  //to set the break poin on line 12
disas main // to disasamble main function
run // to run the program
s  //step fwd
x/8xw $esp  // get nxt 8 words from stack (prob)
print /x $eip   // to print value of eip

Comments

Popular posts from this blog

MY OSCP REVIEW

Minishare 1.4.1 Bufferoverflow

Port forwarding and pivoting