Friday, 9 November 2012

C++ Code Hacking 1: Pointer Exploitation

Today I am going to show you how you can access the values of private member variables directly inside main() without the use of any member function.

We know that we can access private member variables only with the help of public member functions. It is impossible to access them directly inside main() through objects. But I am going to prove you wrong. Note: This is the final code

Output: Password Extracted !!!

Now I will explain exactly what I did here. We know we can access public member variables directly, so I extracted the memory address of the public variable 'id'. Because all variables are stored in memory in a contiguous manner, it is possible to get the address of another variable by knowing the address of one variable. Here I knew the address of the variable 'id', so I managed to get the address of the password variable by trial and error. Once I had the address of the password variable, I managed to retrieve the value of password (a private member variable) inside main() without any public member functions.

A few things you should note here:
  • To exploit in this manner, you should have at least one variable of the same data type in the public section. I haven't tried with other data types, so I can't tell you about them.
  • To find the addresses of the variables, you need to try out various combinations.
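
The idea explained above, as an added example that is not the post's own code: instead of trial and error, it copies the object's bytes and reads every int-sized slot other than the one holding the public member. The class `Account`, its members `id` and `password`, the helper `hidden_ints` and all values are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <type_traits>
#include <vector>

class Account {                 // hypothetical class, not the post's code
public:
    int id;
    Account(int i, int p) : id(i), password(p) {}
private:
    int password;               // main() cannot name this member
};

static_assert(std::is_trivially_copyable<Account>::value,
              "the byte-wise copy below requires a trivially copyable type");

// Return every int-sized slot of the object other than the one holding id.
// `private` is enforced by the compiler on names only; the bytes are plain
// process memory, readable by any code that holds the object.
std::vector<int> hidden_ints(const Account& a) {
    unsigned char raw[sizeof(Account)];
    std::memcpy(raw, &a, sizeof(Account));          // copy the object bytes
    const std::size_t id_off = static_cast<std::size_t>(
        reinterpret_cast<const unsigned char*>(&a.id) -
        reinterpret_cast<const unsigned char*>(&a));
    std::vector<int> found;
    for (std::size_t off = 0; off + sizeof(int) <= sizeof(Account);
         off += sizeof(int)) {
        if (off == id_off) continue;                // skip the public member
        int v;
        std::memcpy(&v, raw + off, sizeof(int));    // alignment-safe read
        found.push_back(v);
    }
    return found;
}

int main() {
    Account acct(1001, 424242);                     // constructed values
    for (int v : hidden_ints(acct))
        std::cout << "recovered int: " << v << '\n';
    return 0;
}
```

Access specifiers are checked only at compile time, so a secret kept in a private member is not protected from other code running in the same process.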