fork download
copy 
  1. /*
  2.   StackOverrun.c
  3.   This program shows an example of how a stack-based 
  4.   buffer overrun can be used to execute arbitrary code.  Its 
  5.   objective is to find an input string that executes the function bar.
  6. */
  7.  
  8. #pragma check_stack(off)
  9.  
  10. #include <string.h>
  11. #include <stdio.h> 
  12.  
  13. void foo(const char* input)
  14. {
  15.     char buf[10];
  16.  
  17.     printf("My stack looks like:\n%p\n%p\n%p\n%p\n%p\n% p\n\n");
  18.  
  19.     strcpy(buf, input);
  20.     printf("%s\n", buf);
  21.  
  22.     printf("Now the stack looks like:\n%p\n%p\n%p\n%p\n%p\n%p\n\n");
  23. }
  24.  
  25. void bar(void)
  26. {
  27.     printf("Augh! I've been hacked!\n");
  28. }
  29.  
  30. int main(int argc, char* argv[])
  31. {
  32.     //Blatant cheating to make life easier on myself
  33.     printf("Address of foo = %p\n", foo);
  34.     printf("Address of bar = %p\n", bar);
  35.     if (argc != 2) 
  36.  {
  37.         printf("Please supply a string as an argument!\n");
  38.         return -1;
  39. 	} 
  40. foo(argv[1]);
  41.     return 0;
  42. }
Runtime error #stdin #stdout 0s 9432KB
comments (?)
stdin
copy 
Standard input is empty
stdout
copy 
Address of foo = 0x2b640ebd57c0
Address of bar = 0x2b640ebd5800
Please supply a string as an argument!
https://ideone.com/kGkjw5
language:
C (gcc 8.3)
created:
7 years ago
visibility:
public

Share or Embed source code

Discover > Sphere Engine API

The brand new service which powers Ideone!

Discover > IDE Widget

Widget for compiling and running the source code in a web browser!