How to do it...

The following steps demonstrate the stack-based buffer overflow:

  1. Let's take a look at another simple C program:
        #include <stdio.h>
        #include <string.h>

        int main(int argc, char *argv[])
        {
            char buf[120];          /* fixed-size buffer on the stack */
            strcpy(buf, argv[1]);   /* unbounded copy: no check against sizeof(buf) */
            printf(buf);
            return 0;
        }

This program uses the vulnerable function strcpy(), which copies argv[1] into buf without checking its length. We save the program to a file.

  2. We then compile the program with gcc using the -fno-stack-protector and -z execstack options, which disable the stack protector and mark the stack as executable:
        gcc -ggdb name.c -o name -fno-stack-protector -z execstack
  3. Next, we turn off address space layout randomization (ASLR) using this:
        echo 0 > /proc/sys/kernel/randomize_va_space
  4. Now we open our program in gdb using this command:
        gdb ./name

The following screenshot shows the output of the preceding command:

  5. Next, we supply our input using ...
