In this post I am going to show you a few examples of buffer overflows and why we need egghunters in certain scenarios.

For these examples I am going to turn off all security features and compile our code with a few unsafe flags:

- Set the system with ASLR disabled: echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
- Allow stack smashing: compile the program with -fno-stack-protector
- Make the stack executable: compile the program with -z execstack

Let's get started with some simple vulnerable code.

Scenario 1

    #include <stdio.h>
    #include <string.h>

    int main(int argc, char **argv) {
        char buffer[500];
        /* Deliberately unsafe: argv[1] is copied with no length check */
        strcpy(buffer, argv[1]);
        printf("%s", buffer);
        return 0;
    }

    dibyendu@ubuntu:~/Desktop/b0f$ gdb -q ./b0f.o
    Reading symbols from /home/dibyendu/Desktop/b0f/b0f.o...(no debugging symbols found)...done.
    (gdb) r $(python -c 'print "A"*100+"B"*200+"C"*300+"D"*400+"E"*50