buffer-overflow

问题 Soon, I am due to be giving a presentation to my class (doing a degree in computer science) where I want to give a basic example of a buffer overflow and why it's a problem. However, I can't get my buffer overflow to work. The issue is that as soon as the crash is caused, the process is terminated, even if the process is attached to a debugger like xdbg (in VS, an exception is thrown). I think this is caused by one of the protections built into Windows 10. I have gone through the following

问题 Soon, I am due to be giving a presentation to my class (doing a degree in computer science) where I want to give a basic example of a buffer overflow and why it's a problem. However, I can't get my buffer overflow to work. The issue is that as soon as the crash is caused, the process is terminated, even if the process is attached to a debugger like xdbg (in VS, an exception is thrown). I think this is caused by one of the protections built into Windows 10. I have gone through the following

问题 I'm getting buffer overflow while RECORDING with my app. The recording is performed in a Service . I could not figure out why I'm getting this message from AudioFlinger . Below I instantiate the AudioRecord object and set it's callbacks. bufferSize = AudioRecord.getMinBufferSize(sampleRate, channelConfig, audioFormat); aRecorder = new AudioRecord(audioSource, sampleRate, channelConfig, audioFormat, bufferSize); aRecorder.setRecordPositionUpdateListener(updateListener); bytesPerSample =

问题 For a homework assignment, I am performing a series of buffer overflow attacks. I was given a program to disassemble, the source code in C for a function that improperly calls gets() , and the source code for several other functions that I am supposed to force the program to call. For one of the tasks, I have to: Inject some code that changes a value, then Return to one of the aforementioned methods The main thing that I don't understand where the program looks in the stack when determining

问题 This question already has answers here : Why is the gets function so dangerous that it should not be used? (11 answers) Closed 2 years ago . The declaration of gets is: char * gets ( char * str ); Note the glaring omission of a maximum size for str . cplusplus.com says 2 : Notice that gets is quite different from fgets: not only gets uses stdin as source, but it does not include the ending newline character in the resulting string and does not allow to specify a maximum size for str ( which

问题 I have to do this if statement , or it turns in an infinite loop if some invalid input like "17d" is set. Why ? I think something with buffer but scanf reads from stdin not from stream? int age; while (age != 0) { printf("How old are you? "); if(scanf("%d", &age) > 0) { printf("You are %d years old!\n", age); } else { break; } } 回答1: When scanf does not succeed, it leaves the input in the stream. You need to ignore the rest of the line and ask the user to provide the input again. You can add

问题 I have the following code to simulate buffer overflow. Edit: I missed an important step in the code below. As the discussion progressed that the variable c is getting modified. void function (int fd, int e) { int i = 0; int n; char c; char s[44]; . . c = getchar(fd); . //Some check on c s[i++] = c; . //Some more local variables and some operations on them. } I am trying to overflow the buffer by sending more input > 4 bytes in order to see how the local variables and EBP and RET and arguments

问题 I played around with buffer overflows on Linux (amd64) and tried exploiting a simple program, but it failed. I disabled the security features (address space layout randomization with sysctl -w kernel.randomize_va_space=0 and nx bit in the bios). It jumps to the stack and executes the shellcode, but it doesn't start a shell. The execve syscall succeeds but afterwards it just terminates. Any idea what's wrong? Running the shellcode standalone works just fine. Bonus question: Why do I need to

问题 I just wrote a C Code which is below : #include<stdio.h> #include<string.h> void func(char *str) { char buffer[24]; int *ret; strcpy(buffer,str); } int main(int argc,char **argv) { int x; x=0; func(argv[1]); x=1; printf("\nx is 1\n"); printf("\nx is 0\n\n"); } Can please suggest me as to how to skip the line printf("\nx is 1\n"); . Earlier the clue which I got was to modify ret variable which is the return address of the function func . Can you suggest me as to how to change the return

问题 I just wrote a C Code which is below : #include<stdio.h> #include<string.h> void func(char *str) { char buffer[24]; int *ret; strcpy(buffer,str); } int main(int argc,char **argv) { int x; x=0; func(argv[1]); x=1; printf("\nx is 1\n"); printf("\nx is 0\n\n"); } Can please suggest me as to how to skip the line printf("\nx is 1\n"); . Earlier the clue which I got was to modify ret variable which is the return address of the function func . Can you suggest me as to how to change the return