buffer overrun
-
hmm i dunno if this is appropriate but my question is how to do a simple bufferoverrun which hack into a function. basically i got a c++ code which has 2 function, foo() and bar(). the program accept input and pass the input to foo(). i want to buffer overrun till it reads into bar() function. can this be done??
-
hmm i dunno if this is appropriate but my question is how to do a simple bufferoverrun which hack into a function. basically i got a c++ code which has 2 function, foo() and bar(). the program accept input and pass the input to foo(). i want to buffer overrun till it reads into bar() function. can this be done??
nuttynibbles wrote:
can this be done??
Sure. I've never tried it so I do not have any examples. See here.
"Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
-
nuttynibbles wrote:
can this be done??
Sure. I've never tried it so I do not have any examples. See here.
"Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
-
I'm not really in a position to judge someone, Richard. A lot of what I know today is a direct result of my past. I was not a criminal, but I did want to know how things worked.
"Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
-
I'm not really in a position to judge someone, Richard. A lot of what I know today is a direct result of my past. I was not a criminal, but I did want to know how things worked.
"Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
DavidCrow wrote:
I'm not really in a position to judge someone
Nor me, but the original question included the following "my question is how to do a simple bufferoverrun which hack into a function.", which leads me to believe this could well be someone trying to write a virus of sorts.
-
DavidCrow wrote:
I'm not really in a position to judge someone
Nor me, but the original question included the following "my question is how to do a simple bufferoverrun which hack into a function.", which leads me to believe this could well be someone trying to write a virus of sorts.
hey sorry guys but its actually for a simple school assignment. we need to know the ways of buffer overrun to better write a secure system. things like strcpy are vulnerable if not used correctly
modified on Wednesday, November 4, 2009 5:44 PM
-
hey sorry guys but its actually for a simple school assignment. we need to know the ways of buffer overrun to better write a secure system. things like strcpy are vulnerable if not used correctly
modified on Wednesday, November 4, 2009 5:44 PM
-
Perhaps your request could have been worded better; the word 'hack' tends to ring alarm bells.
haha my bad. anw i managed to do it. basically do buffer overrun and when the system crash, find the return address. use ASCII to input the function address that u wanna gain access to.
-
haha my bad. anw i managed to do it. basically do buffer overrun and when the system crash, find the return address. use ASCII to input the function address that u wanna gain access to.