Example of Linux buffer overflow attack.

To start practicing shellcode injection, this repo gives you:
+ shellcode.asm – a simple asm program that prints one word. It contains no \x00 bytes, so strcpy() will copy it whole without problems.
+ victim.c – the vulnerable program.
+ shellcode.c – a small loader that executes the shellcode from shellcode.asm.
First prepare your OS:
Using any text editor, add the following lines to /etc/sysctl.conf:

Then run $ sudo sysctl -p
After that run ulimit -c unlimited so that a core dump is written when victim crashes.

Makefile

Requirements:
+ gcc
+ make
+ objdump
+ nasm
+ python or perl

Attack Scenarios:
The last lines printed after sh.getshell are your shellcode, ready to be executed wherever you want.
To complete the attack, follow these steps:
1. Run gdb victim
2. Execute victim with its parameters (the counts of “A”, “B” and “C” letters must be found experimentally so that $EIP is filled only with the letter “B”, code 0x42):

3. Replace “C”*30 with the shellcode you obtained after running make.

4. After that, replace “B”*4 with the return address. You can look for it on the stack, or simply try the address held in $ESP (because our code is placed right after the current program's data).

5. So 0xbffffca0 is our new return address. Replace “B”*4 with this address written in reversed (little-endian) byte order. Here we go!
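As an added illustration (not code from this repository; victim.c is not reproduced above, so the buffer size and function names below are assumptions), here is the unbounded strcpy() pattern the victim relies on, next to a bounded version that rejects oversized input instead of overwriting the saved return address:

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64   /* assumed size; victim.c's real buffer size is not shown on the page */

/* Unsafe pattern (hypothetical stand-in for victim.c): strcpy() copies until
 * the first NUL byte and never checks the destination size, so an argument
 * longer than BUF_SIZE-1 runs past buf into the saved frame pointer and the
 * return address. That is also why the shellcode must contain no \x00 bytes. */
int vulnerable_copy(const char *arg)
{
    char buf[BUF_SIZE];
    strcpy(buf, arg);               /* unbounded copy */
    return (int)strlen(buf);
}

/* Bounded version: look for the NUL within the destination size first. If
 * there is none the argument cannot fit and is rejected outright rather than
 * silently truncated. Returns the bytes copied, or -1 on oversized input. */
int safe_copy(const char *arg)
{
    char buf[BUF_SIZE];
    const char *nul = memchr(arg, '\0', BUF_SIZE);
    if (nul == NULL)
        return -1;                  /* no terminator within BUF_SIZE: would overflow */
    size_t len = (size_t)(nul - arg);
    memcpy(buf, arg, len + 1);      /* len + 1 also copies the terminating NUL */
    return (int)len;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 1;
    }
    int n = safe_copy(argv[1]);
    if (n < 0) {
        fprintf(stderr, "rejected: argument longer than %d bytes\n", BUF_SIZE - 1);
        return 2;
    }
    printf("copied %d bytes\n", n);
    return 0;
}
```

Compiling victim.c with -fstack-protector and leaving ASLR enabled would additionally turn the overwrite in step 5 into a crash or a miss instead of a jump into the shellcode.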

Download: BufferOverflow-Linux.zip (3.6 KB)
Source: https://github.com/shmuga