About

Stack4 takes a look at overwriting saved EIP and standard buffer overflows.

Hints:

  • A variety of introductory papers on buffer overflows may help.
  • gdb lets you do "run < input"
  • EIP is not directly after the end of the buffer; compiler padding can also increase the size.

This level is at /opt/protostar/bin/stack4

Source code

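    #include <stdlib.h>
    #include <unistd.h>
    #include <stdio.h>
    #include <string.h>

    /* Never called by main(); reaching it means control flow was redirected. */
    void win()
    {
      printf("code flow successfully changed\n");
    }

    int main(int argc, char **argv)
    {
      char buffer[64];

      /* gets() does no bounds checking: input longer than the buffer
         overwrites the stack beyond it, including saved EIP. */
      gets(buffer);
    }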
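
For comparison with the source above, here is an added example (not part of the original level) of a bounded replacement for the gets(buffer) call, which can never write past the 64-byte buffer and reports overlong input instead. The names read_line, line_status and sample_input are hypothetical helpers chosen for this illustration, and the 200-byte input is constructed.

```c
#include <stdio.h>
#include <string.h>

enum line_status { LINE_OK, LINE_TRUNCATED, LINE_EOF };

/* Bounded replacement for gets(): stores at most size-1 bytes plus a NUL,
 * so nothing beyond buf (padding, saved EBP, saved EIP) is ever written. */
enum line_status read_line(FILE *in, char *buf, size_t size)
{
    if (size == 0) return LINE_EOF;
    if (fgets(buf, (int)size, in) == NULL) {
        buf[0] = '\0';
        return LINE_EOF;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';        /* complete line: drop the newline */
        return LINE_OK;
    }
    /* No newline stored: the line was too long, or input ended without one.
     * Drain the remainder so the next call starts on a fresh line. */
    int c, dropped = 0;
    while ((c = getc(in)) != '\n' && c != EOF)
        dropped = 1;
    return dropped ? LINE_TRUNCATED : LINE_OK;
}

/* Constructed sample input: one line of n 'A' bytes, then the line "next". */
static FILE *sample_input(size_t n)
{
    FILE *f = tmpfile();
    if (f == NULL) return NULL;
    for (size_t i = 0; i < n; i++)
        putc('A', f);
    fputs("\nnext\n", f);
    rewind(f);
    return f;
}

int main(void)
{
    char buffer[64];                /* same size as stack4's buffer */
    FILE *in = sample_input(200);
    if (in == NULL) return 1;
    enum line_status st = read_line(in, buffer, sizeof buffer);
    printf("status=%d stored=%zu\n", (int)st, strlen(buffer));
    fclose(in);
    return 0;
}
```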

Discussion