bnlrnz / buffer_overflow

Demonstrating buffer overflow attack in 32 Bit and 64 Bit binaries within 20 lines of C code.


buffer_overflow

Demonstrating buffer overflow in 32 Bit and 64 Bit binaries. The binaries are compiled and linked as position-dependent executables (-no-pie), so their code addresses are fixed.

Makefile / Run buffer overflow

make       # will build the binaries and payloads
./vuln32 < payload32
./vuln64 < payload64

make run   # will build the binaries and payloads, then run both binaries with the payload as input
make run32 # like run, but just for 32 Bit
make run64 # like run, but just for 64 Bit
make clean # you know what it does
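The vuln32/vuln64 binaries read the payload from stdin into a fixed-size stack buffer. The following is an added example, not the repository's own source: it puts that vulnerable read pattern next to a bounded reader that keeps the input inside the buffer and reports when a line had to be truncated. NAME_LEN and the function names are this example's assumptions.

```c
/* Added example, not the repository's own vuln32/vuln64 source.
 * Shows the classic pattern that lets over-long stdin input run past a
 * stack buffer into the rest of the frame, next to a bounded reader.
 * NAME_LEN and the helper names are assumptions for this example. */
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* Vulnerable pattern: "%s" has no width limit, so any input longer than
 * NAME_LEN - 1 bytes is written past 'name' into the rest of the stack
 * frame (saved registers, return address). Never called in this example. */
void read_name_unbounded(FILE *in)
{
    char name[NAME_LEN];
    if (fscanf(in, "%s", name) == 1)   /* no bound: overflows on long input */
        printf("hello %s\n", name);
}

/* Hardened reader: fgets never writes more than dstsz bytes (including the
 * terminating NUL). Returns 1 when the whole line fit, 0 when the line was
 * longer than the buffer (the remainder is drained so it cannot be mistaken
 * for the next record), and -1 on EOF/error with nothing read. */
int read_line_bounded(char *dst, size_t dstsz, FILE *in)
{
    if (dstsz == 0 || fgets(dst, (int)dstsz, in) == NULL)
        return -1;

    size_t len = strlen(dst);
    if (len > 0 && dst[len - 1] == '\n') {
        dst[len - 1] = '\0';           /* complete line: strip the newline */
        return 1;
    }
    if (feof(in))
        return 1;                      /* last line without a newline */

    /* Buffer filled before a newline was seen: discard the rest of the line
     * and report truncation only if bytes were actually dropped. */
    int c, dropped = 0;
    while ((c = fgetc(in)) != EOF && c != '\n')
        dropped++;
    return dropped ? 0 : 1;
}

/* Helper used by the demo and test: feed a constructed string through the
 * bounded reader via a temporary file and return its status code. */
int bounded_read_from_string(const char *input, char *dst, size_t dstsz)
{
    FILE *in = tmpfile();
    if (in == NULL)
        return -1;
    fputs(input, in);
    rewind(in);
    int rc = read_line_bounded(dst, dstsz, in);
    fclose(in);
    return rc;
}

int main(void)
{
    char name[NAME_LEN];
    /* Constructed input: 40 'A's, the shape of an over-long stdin line. */
    const char *payload = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n";
    int rc = bounded_read_from_string(payload, name, sizeof name);
    printf("rc=%d name=\"%s\" (%zu bytes kept)\n", rc, name, strlen(name));
    return 0;
}
```

Running the demo keeps 15 bytes and reports rc=0 (truncated); feeding a short line returns 1. The same fgets-with-size discipline is what removes the overflow from a program like the one the repository builds.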

PIE/PIC

If you enable PIE/PIC, you need to recalculate the address of "secretFunction" and run the buffer overflow in gdb (which disables ASLR by default), or temporarily disable ASLR, either globally for your kernel or locally in a shell session.

Global (needs root)

echo 0 | sudo tee /proc/sys/kernel/randomize_va_space

Don't forget to re-enable it afterwards:

echo 2 | sudo tee /proc/sys/kernel/randomize_va_space

Local

setarch -R /bin/bash
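Before and after following this section it is worth confirming two things: whether a binary was actually linked position-dependent (-no-pie, ELF type EXEC) or as PIE (ELF type DYN), and that randomize_va_space is back at 2 once the experiment is over. The following is an added example, not part of the repository; it reads the ELF header directly and the kernel setting from /proc. The function names are this example's own.

```c
/* Added example, not part of the repository. Checks whether a binary is
 * position-dependent (ELF type EXEC, as produced by -no-pie) or PIE (ELF
 * type DYN), and reports the kernel ASLR level, so that a reader can confirm
 * randomize_va_space was restored after an experiment. */
#include <stdio.h>
#include <string.h>

#define ET_EXEC_TYPE 2   /* e_type of a position-dependent executable */
#define ET_DYN_TYPE  3   /* e_type of PIE executables and shared objects */

/* Parse e_type from the first bytes of an ELF file. Returns 2 (EXEC),
 * 3 (DYN), another raw e_type value, or -1 if the data is not an ELF header. */
int elf_type_from_header(const unsigned char *hdr, size_t len)
{
    if (len < 18 || memcmp(hdr, "\x7f" "ELF", 4) != 0)
        return -1;
    /* byte 5 (EI_DATA): 1 = little-endian, 2 = big-endian; e_type sits at offset 16 */
    if (hdr[5] == 1)
        return hdr[16] | (hdr[17] << 8);
    if (hdr[5] == 2)
        return (hdr[16] << 8) | hdr[17];
    return -1;
}

/* Read the start of a file on disk and classify it. */
int elf_type_of_file(const char *path)
{
    unsigned char hdr[64];
    FILE *f = fopen(path, "rb");
    if (f == NULL)
        return -1;
    size_t n = fread(hdr, 1, sizeof hdr, f);
    fclose(f);
    return elf_type_from_header(hdr, n);
}

const char *describe_elf_type(int t)
{
    switch (t) {
    case ET_EXEC_TYPE: return "EXEC (position-dependent, e.g. built with -no-pie)";
    case ET_DYN_TYPE:  return "DYN (PIE executable or shared object; loaded at a random base when ASLR is on)";
    case -1:           return "not an ELF file";
    default:           return "other ELF type";
    }
}

/* Kernel ASLR level from /proc/sys/kernel/randomize_va_space:
 * 0 = off, 1 = stack/mmap/vdso randomised, 2 = also the brk heap.
 * Returns -1 if the file cannot be read (non-Linux, /proc not mounted). */
int aslr_level(void)
{
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    if (f == NULL)
        return -1;
    int level = -1;
    if (fscanf(f, "%d", &level) != 1)
        level = -1;
    fclose(f);
    return level;
}

/* Usage: ./elfcheck ./vuln32 ./vuln64 */
int main(int argc, char **argv)
{
    printf("kernel ASLR level: %d\n", aslr_level());
    for (int i = 1; i < argc; i++)
        printf("%s: %s\n", argv[i], describe_elf_type(elf_type_of_file(argv[i])));
    return 0;
}
```

A DYN result alone does not distinguish a PIE executable from a shared library (both use that type); for a binary you built yourself that is enough to tell whether -no-pie took effect. A level of 2 after `echo 2 | sudo tee ...` confirms the global setting was restored.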
