pwn/buffer_overflow_1
This commit is contained in:
42
pwn/buffer_overflow_1/vuln.c
Normal file
42
pwn/buffer_overflow_1/vuln.c
Normal file
@@ -0,0 +1,42 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include "asm.h"
|
||||
|
||||
#define BUFSIZE 32
|
||||
#define FLAGSIZE 64
|
||||
|
||||
void win() {
|
||||
char buf[FLAGSIZE];
|
||||
FILE *f = fopen("flag.txt","r");
|
||||
if (f == NULL) {
|
||||
printf("%s %s", "Please create 'flag.txt' in this directory with your",
|
||||
"own debugging flag.\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
fgets(buf,FLAGSIZE,f);
|
||||
printf(buf);
|
||||
}
|
||||
|
||||
void vuln(){
|
||||
char buf[BUFSIZE];
|
||||
gets(buf);
|
||||
|
||||
printf("Okay, time to return... Fingers Crossed... Jumping to 0x%x\n", get_return_address());
|
||||
}
|
||||
|
||||
int main(int argc, char **argv){
|
||||
|
||||
setvbuf(stdout, NULL, _IONBF, 0);
|
||||
|
||||
gid_t gid = getegid();
|
||||
setresgid(gid, gid, gid);
|
||||
|
||||
puts("Please enter your string: ");
|
||||
vuln();
|
||||
return 0;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user