How to "cleanly" terminate the program after buffer overflow attack - c

I'm studying buffer overflow, and I'm trying to jump to the function 'confused' and then print out "done" at the end of main by performing buffer overflow.
#include <stdio.h>
#include <stdlib.h>
int i, n;
void confused(int i) {
    printf("**Who called me? Why am I here?? *** %x\n ", i);
}
void shell_call(char *c) {
    printf(" ***Now calling \"%s\" shell command *** \n", c);
    system(c);
}
void victim_func() {
    int a[4];
    printf("\nEnter n: "); scanf("%d", &n);
    printf("~~~~~~~~~~~~~ values and address of n locations ~~~~~~~~~~");
    for (i = 0; i < n; i++)
        printf("\n a[%d] = %x, address = %x", i, a[i], &a[i]);
    printf("\nEnter %d HEX Values \n", n);
    // Buffer Overflow vulnerability HERE!
    // n is never checked against the 4 elements of a.
    for (i = 0; i < n; i++) scanf("%x", &a[i]);
    printf("Done reading junk numbers\n");
}
int main() {
    printf("\n ~~~~~~~~~~~~~~~~~ Info Menu ~~~~~~~~~~~~");
    printf("\n addrss of main %x", main);
    printf("\n addrss of shell_cal %x", shell_call);
    printf("\n addrss of confused %x", confused);
    victim_func();
    printf("\n done");
    return 0;
}
What I did is I put 7 for n, and for 6th hex value I inserted the address of confused and for 7th the address of printf in main. It successfully prints out "done" after the confused function, but the program goes back to the start of main. I thought the program would terminate after printing out "done".
I just wonder if I did something wrong, or it is the way it should do.

You can always call exit() in your shell code to terminate the program. However, you can't do it using system(), because system() will create a child process which always ultimately returns to its parent. You need to directly call exit() using assembly.
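Added example (not code from the question or the answer): the overwrite is possible because victim_func accepts any n for the four-element array a. The sketch below reads the same hex input through a bounds-checked helper; read_hex_values, demo and SLOTS are hypothetical names, and the input strings are constructed.

```c
#include <stdio.h>
#include <stddef.h>

#define SLOTS 4   /* same capacity as `int a[4]` in victim_func */

/* Hypothetical helper: reads exactly n hex values from `in` into dst.
 * Returns the number stored, or -1 if n does not fit in `cap` slots
 * or the input is malformed. Nothing is written past dst[cap - 1]. */
int read_hex_values(FILE *in, unsigned int *dst, size_t cap, long n)
{
    if (in == NULL || dst == NULL || n < 0 || (size_t)n > cap)
        return -1;                      /* refuse instead of overflowing */

    for (long i = 0; i < n; i++) {
        if (fscanf(in, "%x", &dst[i]) != 1)
            return -1;                  /* EOF or non-hex token */
    }
    return (int)n;
}

/* Constructed input: write `text` ("n v1 v2 ...") to a temp file, parse it. */
int demo(const char *text, unsigned int *dst, size_t cap)
{
    FILE *f = tmpfile();
    long n = 0;
    int rc = -1;

    if (f == NULL)
        return -1;
    fputs(text, f);
    rewind(f);
    if (fscanf(f, "%ld", &n) == 1)      /* the count is validated too */
        rc = read_hex_values(f, dst, cap, n);
    fclose(f);
    return rc;
}

int main(void)
{
    unsigned int a[SLOTS] = {0};
    printf("n=3 -> %d\n", demo("3 a b c", a, SLOTS));
    printf("n=7 -> %d\n", demo("7 1 2 3 4 5 6 7", a, SLOTS));
    return 0;
}
```

With the count rejected up front, the n = 7 input from the question never reaches the write loop, so the saved return address is not touched.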

Related

Can you print contents in a pointer pointing to an array?

I am playing around with this code from one of my lecture slides and one of my questions is when printing out the array why can't we use the pointer instead of just printing "a", In the last line of the print statement
printf("\n message after decryption: %s\n", a);
I don't see why we can't use a pointer to print out the array. Can someone explain to me why this can't be done?
printf("\n message after decryption: %s\n", *q);
#include <stdio.h>
#define NUM 78
int main()
{
    int i = 0;
    char a[] = "Hello CSE 240";
    printf("\n message: %s\n ", a);
    while (a[i] != '\0') { a[i] = *(a+i)+1; i++; }
    printf("\n message after encryption: %s\n ", a);
    char *q = a;
    while (*q != '\0') { *q = *q-1; q++; }
    printf("\n message after decryption: %s\n", a);
}
You want to print out the content of the array after the q modification loop, but after all the increments it points to the null termination character, i.e. '\0' - hence using q in printf will print only this - message after decryption: - the modified array/string will not be printed.
To do it with q you need to reassign q to the first element of the array: q=a after the while loop ends.
and then this statement will work as you wish:
printf("\n message after decryption: %s\n", q);
It is good that you have changed the print statement with the suitable format specifier.
#include <stdio.h>
#define NUM 78
int main()
{
    int i = 0;
    char a[] = "Hello CSE 240";
    printf("\n message: %s\n ", a);
    while (a[i] != '\0') { a[i] = *(a+i)+1; i++; }
    printf("\n message after encryption: %s\n ", a);
    char *q = a;
    while (*q != '\0') {   // decrypting the value of a
        *q = *q-1;
        q++;
    }   // at the end of this, q is pointing to the null terminator
    q = a;   // repointing q to the start of a
    printf("\n message after decryption: %c\n", *q);   // H is printed
    printf("\n message after decryption: %s\n", q);   // Hello CSE 240 is printed
}

Too few arguments to call

My teacher isn't willing to help me with my error so I don't know where else to go. On line 19, addition();, the error says that there are too few arguments in the function call and I'm not sure why this is. I am a beginner programmer, but I have called functions before so I'm not sure why I am getting a problem now.
#include <stdio.h>
int addition(int *change);
int main(void)
{
    int num = 10;
    printf("Name \t Address \t Value\n");
    printf("%s \t %p \t %d\n", "num", &num, num);
    int *change = &num;
    printf("Change: %p\n", change);
    *change = 100;
    printf("The value of num is %d \n", num);
    printf("The value of change is %d \n", *change);
    addition();   // the call the compiler rejects: no argument is passed
    return 0;
}
int addition(int *change)
{
    int input;
    printf("Input a value ");
    scanf("%d", &input);
    // compute the sum only after input has been read
    int result = input + *change;
    printf("The result will be change (%d) + input (%d)\n", *change, input);
    printf("Result: %d", result);
    return 0;
}
Perhaps this would be better suited to a comment, but I lack the required reputation to post comments...
When you're calling a function, you often have to supply some information. If I walked up to you and commanded "Add!" you might reply "what should I add?" This is essentially what your error message is telling you. You're issuing a command, but you're not giving it enough information to complete that command.
You can find what additional information is required by a function by glancing at its declaration. In this case, your function declaration is:
addition(int *change)
meaning that, in order to function properly, the function requires a pointer to an integer (int *). Every time you call the addition function, you have to supply this argument so that the function knows the number to which it is expected to add.

rand() numbers addicted in function in C [duplicate]

#include <stdio.h>
#include <stdlib.h>
#include <time.h>
int dorand(){
    int i;
    srand(time(0));
    i = rand()%3+1;
    return i;
}
int main (){
    printf("\n %d \n", dorand());
    printf("\n %d \n", dorand());
    printf("\n %d \n", dorand());
    printf("\n %d \n", dorand());
    return 0;
}
The issue is: the four printf are printing the same number.
When I do the rand() directly in the main function there is no problem at all, but when I call a function to do so the random generation gets addicted to the same number. Does someone have some experience to share, please?
I've tried:
int main (){
    srand(time(0)); //seeding in the main function before calling the dorand function
    printf("\n %d \n", dorand());
    printf("\n %d \n", dorand());
    printf("\n %d \n", dorand());
    printf("\n %d \n", dorand());
    return 0;
}
Also
int dorand(){
    int i;
    i = 0; //clearing the variable before attributing a new rand value
    srand(time(0));
    i = rand()%3+1;
    return i;
}
Sorry if I mistook something, thanks for helping
The srand function seeds the random number generator. For a given seed value, the same set of random numbers gets generated.
Since you re-seed each time you want a random number, using the current time as the seed, and assuming each call to the function happens in the same second, the random number function is seeded with the same value, so you keep getting the same "random" numbers.
You should call srand only once at the beginning of your program. Remove the call from dorand and put it at the top of main.
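Added example (not from the question or the answers): the effect the answer describes, with a fixed seed standing in for time(0) so the result is reproducible. dorand_reseeding, draw_reseeding and draw_seeded_once are hypothetical names, and the seed value is constructed.

```c
#include <stdio.h>
#include <stdlib.h>

/* The question's dorand(): reseeds on every call. `seed` stands in for
 * time(0), which returns the same value for all calls within one second. */
int dorand_reseeding(unsigned int seed)
{
    srand(seed);
    return rand() % 3 + 1;
}

/* The answer's fix: no srand() here; the caller seeds once. */
int dorand(void)
{
    return rand() % 3 + 1;
}

/* Fills out[0..n-1], reseeding before each draw. Returns how many
 * entries differ from out[0]; same seed means same first value, so 0. */
int draw_reseeding(unsigned int seed, int *out, int n)
{
    int differing = 0;
    for (int i = 0; i < n; i++) {
        out[i] = dorand_reseeding(seed);
        if (out[i] != out[0])
            differing++;
    }
    return differing;
}

/* Seeds once, then draws n values from the continuing sequence. */
void draw_seeded_once(unsigned int seed, int *out, int n)
{
    srand(seed);
    for (int i = 0; i < n; i++)
        out[i] = dorand();
}

int main(void)
{
    int r[8], s[8];
    unsigned int seed = 12345u;   /* constructed seed in place of time(0) */
    draw_reseeding(seed, r, 8);
    draw_seeded_once(seed, s, 8);
    for (int i = 0; i < 8; i++)
        printf("reseeded: %d   seeded once: %d\n", r[i], s[i]);
    return 0;
}
```

The same property means anyone who knows the seed can reproduce the whole sequence, so a time-based seed is only suitable for non-security uses such as this one.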

C - Integer throwing out random value?

Currently I am writing a simple program in C that reads in values the user enters in a loop. For some reason, when I initialize the integer a I am given a random value as opposed to the value I specified. Any help would be greatly appreciated
#include <stdio.h>
int main()
{
    char sName[10];
    int sTime;
    int a = 0;
    printf("%d", &a);
    printf("Please enter the name of your snail: ");
    scanf("%9s", sName);   // width limit keeps the input within sName[10]
    for(a = 10; a < 20; a = a + 1) {
        printf("%d", &a);
        printf("Please enter the %d time of your snail: ", &a + 1);
        scanf(" %d ", &sTime);
    }
    return 0;
}
Change this:
printf("%d", &a);
to this:
printf("%d", a);
&a is the address of a (and it's of type int*, so %d is the wrong format). a gives you the value of a.
You still need the & in scanf(" %d ", &sTime);; scanf needs the address of sTime so it knows where to store the value.
You're printing the address of a. You don't want the & in there:
printf("%d", a);
You do want the & for scanf() because you need to tell that function where (at what address) to store the value.

simple c program keeps crashing

#include <stdio.h>
int main(void)
{
    int a,b,c;
    printf("Enter values of a,b,c:");
    scanf("%d %d %d",a,b,c);
    printf("\nDescending order of the numbers entered:");
    /*Test for Biggest Number*/
    if((a>b)&&(a>c))
        printf("%d",a);
    else if((b>a)&&(b>c))
        printf("%d",b);
    else if((c>a)&&(c>b))
        printf("%d",c);
    /*Test for Second Biggest Number*/
    if((a>b&&a<c)||(a<b&&a>c))
        printf("%d",a);
    else if((b>a&&b<c)||(b<a&&b>c))
        printf("%d",b);
    else if((c>a&&c<b)||(c<a&&c>b))
        printf("%d",c);
    /*Test for Smallest Number*/
    if((a<b)&&(a<c))
        printf("%d",a);
    else if((b<a)&&(b<c))
        printf("%d",b);
    else if((c<a)&&(c<b))
        printf("%d",c);
    return 0;
}
This is a C program in which 3 numbers are entered and the program prints them in descending order. I compiled the program and then ran the program. After entering the three numbers the program would just crash. Is there something wrong with my code or do I have to add something?
That's because you are not passing the address of your variables to scanf. Change
scanf("%d %d %d",a,b,c)
to
scanf("%d %d %d",&a,&b,&c)
Try to use:-
scanf("%d %d %d",&a,&b,&c)
instead of
scanf("%d %d %d",a,b,c)
as & refers to the address of your variables.
In C the parameters are passed by value so you need to pass the address (or pointer). When you pass the address (or pointer) then scanf knows where it has to put the value.
