May 5, 2021

How do you read a .txt file in the same directory as the program using buffer overflow and return oriented programming?

j6WkNCe97pL1QTa58tHx_cWlDskDlqQaa0vEjV-ZWko.jpg

Home Forums How do you read a .txt file in the same directory as the program using buffer overflow and return oriented programming?

This topic contains 1 reply, has 2 voices, and was last updated by  rdgeno 2 weeks, 3 days ago.

  • Author
    Posts
  • #384469

    anonymous
    Participant


    The program in question is a simple c program that is susceptible to the buffer overflow attack, uses fixed addresses and has nx protection. I am running the program on x86-64 linux. The program reads from another file and the payload will be loaded from that file.

    I first tried run a return to shell exploit which worked, but the requirements was not to use external programs like cat. addresses I loaded for shell: https://imgur.com/a/wvkTiMW

    Now the problem is that I tried to run all the local instructions instead like fopen, fread and puts together with all the rop gadgets to set the values of the arguments but fread does not write anything into the target address for puts to print. Stack: https://imgur.com/a/SZjfWcy

    I would like to know if there is a better way to read and print directly from the file instead.

  • #384471

    rdgeno

    Ok first you open Chrome or any other browser then you type your question in. Then and fuck all but it happens you get an answer to a simple question like this. I’m just saying Google or something before you ask here.

    Worst case follow this link.

    https://youtu.be/NgIBnZF34Go

You must be logged in to reply to this topic.