Buffer overflow problem

Hello again peeps,

I am following along with this tutorial https://null-byte.wonderhowto.com/how-to/hack-like-pro-build-your-own-exploits-part-2-writing-simple-buffer-overflow-c-0159478/

on how buffer overflow attacks happen and occur, but I can't seem to figure out why my code is giving me a much different output. In the tutorial the difference between the memory addresses is 16 bytes, and some even report it to be 32 bytes depending on the system, but when I run my code the difference seems to be 1272, which is way too big to sound right. Maybe this is because some extra padding (a lot of padding) has been added to my code? Note my IDE is Code::Blocks and it is in release mode.

So then I tried to populate the place buffer and everything in between with all 'N's, but it crashes before I can even run a system command:



#include <iostream>
#include <stdio.h>
#include <cstdlib>

using namespace std;

int main()
{
    char *place;
    char *systemCommand;
    place = (char *)malloc(10);
    systemCommand = (char *)malloc(128);
    // Print the heap addresses themselves, cast to void* so the stream prints
    // a pointer instead of treating char* as a C string. (&place would print
    // the address of the pointer variable on the stack, not the buffer.)
    cout << "address of place " << (void *)place << endl;
    cout << "address of system command " << (void *)systemCommand << endl;
    cout << "difference between them " << systemCommand - place << endl;
    // Deliberately writes far past the 10-byte allocation: this is the
    // overflow experiment under discussion, and it is undefined behaviour.
    for(int i = 0; i < 1272; i++){

        place[i] = 'N';
    }

    system(systemCommand);
    return 0;
}


I even tried doing it purely in C-style code:


#include <iostream>
#include <stdio.h>
#include <cstdlib>

using namespace std;

int main()
{
    char *place;
    char *systemCommand;
    place = (char *)malloc(10);
    systemCommand = (char *)malloc(128);
    // %p is the format for pointers; %d truncates them on 64-bit builds.
    // %td is the format for the pointer difference (ptrdiff_t).
    printf("memory address of place %p \n", (void *)place);
    printf("memory address of system command %p \n", (void *)systemCommand);
    printf("difference between them %td \n", systemCommand - place);
    // gets() reads without any length limit, so it overruns the 10-byte
    // buffer; it is the unbounded read the tutorial's experiment relies on.
    gets(place);

    system(systemCommand);
    return 0;
}


and still get a difference of 1272 bytes. I wonder why.

thanks

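As an added example, not the poster's code or the tutorial's, the following C program repeats the measurement from the thread with the pointers printed portably, reports whether a write of a given length starting at place would actually touch the systemCommand chunk on this run, and places a bounded fill next to the unbounded loop. The function names chunk_distance, write_reaches and fill_within_bounds are my own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* Signed byte distance from chunk a to chunk b, computed on uintptr_t because
   subtracting pointers into different allocations is undefined behaviour. */
ptrdiff_t chunk_distance(const void *a, const void *b)
{
    return (ptrdiff_t)((uintptr_t)b - (uintptr_t)a);
}

/* 1 if writing len bytes starting at p would touch [q, q + qlen), else 0. */
int write_reaches(const void *p, size_t len, const void *q, size_t qlen)
{
    uintptr_t ps = (uintptr_t)p, qs = (uintptr_t)q;
    return ps < qs + qlen && qs < ps + len;
}

/* Bounded counterpart of the thread's fill loop: never writes past cap bytes.
   Returns how many bytes were actually written. */
size_t fill_within_bounds(char *buf, size_t cap, size_t requested, char c)
{
    size_t n = requested < cap ? requested : cap;
    memset(buf, c, n);
    return n;
}

int main(void)
{
    char *place = malloc(10);
    char *systemCommand = malloc(128);
    if (!place || !systemCommand) return 1;

    /* %p prints the pointer itself; %d truncates it on 64-bit builds. */
    printf("place         = %p\n", (void *)place);
    printf("systemCommand = %p\n", (void *)systemCommand);
    printf("distance      = %td bytes\n", chunk_distance(place, systemCommand));
    /* At a distance of exactly 1272, a 1272-byte write stops one byte short of
       systemCommand but has already overrun whatever lies between the chunks. */
    printf("1272-byte write reaches systemCommand: %d\n",
           write_reaches(place, 1272, systemCommand, 128));
    printf("bounded fill wrote %zu of 1272 requested bytes\n",
           fill_within_bounds(place, 10, 1272, 'N'));
    free(systemCommand);
    free(place);
    return 0;
}
```

The distance and the reaches flag differ per run and per allocator, which is the point the replies make; only the bounded fill behaves the same everywhere.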
These kinds of things are very compiler/platform specific. The author of the tutorial is obviously using Linux, and it is quite likely that it will work differently on Windows.
Hi adam2016,
The address of allocated memory follows the logic of the memory manager ^_^
The dumped values mean something and can give you a clue about the memory manager itself, but that's all.
There's no "logic" about that anyway :o)

On your example, I have a difference of -4928 myself :oP~
closed account (E0p9LyTq)
@Peter87, Win 10 Pro x64, Visual Studio 2017.

Different memory values every run. Some runs the difference is a negative value, others positive.

What can I say? It's Windows®™. :Þ
Topic archived. No new replies allowed.