Simple Buffer Overflow Example



Published: 2017-05-16 13:11:48 +0000
Categories: C,

Language

C

Description

This is here primarily as a useful place to point to as an example

We're deliberately allowing the character buffer mybuff to overflow. When called from bash, anything after the 5th input character will end up being executed as a BASH command

Snippet

#include <stdio.h>
#include <unistd.h>

#define BUFLEN 5

void
readMyData()
{
  char mybuff[BUFLEN];
  while (1) {
    int r = read(0, mybuff, BUFLEN);
    if (r <= 0) return;
    mybuff[r] = 0;
    printf("You entered: %s\n", mybuff);
    return;
  }
}

void
main (){

    readMyData();

}

Usage Example

gcc example.c -o overflow
./overflow

1234 whoami

Keywords

Buffer, overflow, security, example, charbuffer,

Latest Posts

Remotely backing up PFsense Configuration (BASH)
FFMPEG: Converting RMVB to X264 MP4 (BASH)
Recursively print table (print_r equivalent) (LUA)
Bulk Delete Comments from (Self-Hosted) JIRA Issues (Misc)
Add a static entry to the ARP table (BASH)
SSL Cipher Hex codes to Human Readable Names (Misc)
Convert Ascii to Binary (BASH)
Intercepting Outbound DNS Queries (BASH)
Handle Google Verification files within NGinx Configuration (NGinx)
Getting WhatsApp Rich Snippet Previews Working (Misc)

Copyright © 2018 Ben Tasker | Sitemap | Privacy Policy
Available at snippets.bentasker.co.uk and snippets.6zdgh5a5e6zpchdz.onion