1,542 questions
2 votes | 1 answer | 242 views
Forcing a C program to take a forged epilogue made with inline-assembly to jump to arbitrary function
This comes from a post about invoking a trivial buffer overflow (to jump to a function present in the source but not called explicitly in any place of the program (2333909/how-can-i-invoke-buffer-...
1 vote | 0 answers | 23 views
STM32F407 integration with SEGGER SYS VIEW Fails for LED blinking
I am trying to run FreeRTOS on my stm32f407 discovery board. I am using segger system view continuous recording via j-link. The problem I am facing is that when I run this code:
status = xTaskCreate(...
4 votes | 1 answer | 175 views
How can I exploit Buffer Overflow on x86-64 Linux?
I made a simple vulnerable program greet.c:
#include <stdio.h>
#include <string.h>
int main (int argc, char **argv) {
char buf[32];
strcpy(buf, argv[1]);
printf("%s\n"...
4 votes | 1 answer | 156 views
How to use buffer overflow to modify function pointer value?
I am currently trying to make a code more safe for a cybersecurity exercise. I was asked to make the flag contained in the secret_function() come out. The problem is that I can't modify the code and ...
0 votes | 0 answers | 114 views
Reference Error when exploiting buffer overflow
In the code below when I try to overwrite the stack by exploiting the buffer overflow in the line below.
memcpy(&local_1d,*(void **)local_10[1],(ulong)*(uint *)(local_10[1] + 8));
I also ...
0 votes | 1 answer | 106 views
Understanding buffer overflow output, when accessing the hidden function
Sorry if this is the wrong format. I'm currently doing a CTF and have a problem where I have to overflow a buffer, to get access to a /bin/sh hidden function, where I then can get a flag.
I think I ...
1 vote | 2 answers | 89 views
Is this actually a buffer overflow, or is the author mistaken?
I came across this page here when looking for buffer overflow examples:
https://learn.microsoft.com/en-us/cpp/sanitizers/error-heap-buffer-overflow?view=msvc-170
In this, they mention this code as an ...
2 votes | 1 answer | 206 views
Buffer Overflow Exploit - Injecting Code & Redirecting Execution in Attack Lab (x86-64, GDB Debugging)
Here's a revised and well-structured Stack Overflow post incorporating all necessary improvements:
Buffer Overflow Exploit (x86-64, Attack Lab Phase 2) - Injecting Shellcode for Function Call
...
0 votes | 0 answers | 24 views
How to buffer overflow this
`#include <iostream>
#include <cstring>
void secretFunction() {
std::cout << " Exploit Successful! You've gained control! " << std::endl;
}
void ...
2 votes | 0 answers | 170 views
Why is code vulnerable to buffer overflow? [closed]
Veracode reported:
This call to ReadFile() contains a potential buffer overflow. The specified size of 92 bytes is larger than the space allocated to the destination buffer (88 bytes).
The code:
...
0 votes | 1 answer | 187 views
How is a heap overflow attack implemented?
I am learning about heap overflow attacks, but I am encountering a problem.
Based on the knowledge I found online and my own guesses, I believe that a heap overflow attack involves overwriting ...
0 votes | 0 answers | 28 views
Error *** buffer overflow detected *** in CRAN check on r-devel-linux-x86_64-debian-clang
I have a package on CRAN that apparently from September last year started having *** buffer overflow detected *** problems in the CRAN checks. The error only occurs on r-devel-linux-x86_64-debian-...
2 votes | 0 answers | 87 views
system() returns the error sh: 1: : not found when I try to execute it with "/bin/sh" in the register rdi
I am following a walkthrough of a box on VulnHub, The Planets: Venus.
I got the shell to run through a buffer overflow, by putting an 8 byte padding, a gadget(pop rdi; ret), an address pointing to &...
1 vote | 1 answer | 147 views
Why are functions b and f called *twice* in this code after b overwrites its return address with &f (32-bit MSVC debug build)?
I have a very strange code, which as far as I understand, replaces the return address of the function b, and thus the function f is called from it. But I do not quite understand why after the function ...
0 votes | 2 answers | 67 views
Overflow when encoding a structure into bytes into a buffer
I wrote this function that should write a structure of data into a buffer of bytes then returns how many have been written. The function does the following:
ask as input a buffer of bytes (char *), ...