 Mar 08, 2022

# C programming strings

In our "Manipulating data with C" article we saw how we can store data in memory. We used the "char" variable to store a single character. In our "Arrays in C" article we also learned how to use an array to store multiple values.

A string is an array of characters. As an example, we are going to make a string in memory and store the word "HACKSLAND" in it.

The word "HACKSLAND" has nine characters, so we need a minimum of nine array cells to store it. Let's assume that we create an array with nine cells and store our word's characters in it.

``````
char buff[9];   /* nine cells, one per character */

buff[0] = 'H';
buff[1] = 'A';
buff[2] = 'C';
buff[3] = 'K';
buff[4] = 'S';
buff[5] = 'L';
buff[6] = 'A';
buff[7] = 'N';
buff[8] = 'D';
``````

In the following image you can see the memory layout of this array. There are a few points to note here. You can see that we have stored some characters in the buffer. These are hexadecimal representations of ASCII characters. Here 44 represents the character H, 41 is A, 43 is C and so on. You can view the ASCII table by entering `man ascii` in your Linux terminal. Our character array is in the memory range 0xbffffcf4 to 0xbffffcfd. (0xbffffcf4 is the low memory address and 0xbffffcfd is the high memory address.) If you look closely at the string you can see it is in reverse order. The character H is in the last position while the character D is in the first place. If you have read our previous articles, you know this is because of little-endian notation. Also note that after our string there is some other data.

OK guys, but there is a problem here. Suppose we supply a string to a function. What we do is take the starting address of the string and pass this address as the argument. But how does the function know where the string ends? The size of a string is not the same each time. For example, think about an integer. Any function that works with integers knows the size of an integer. So if a function knows an integer is located at 0xbffffcf4, it can calculate the ending point of the variable and access the value. What happens when we pass a string to a function? A string has no fixed size. Some strings are short while others are very long. So we use a special trick to solve this issue, called a 'null byte'. When we save a string in memory we add a null byte to the end of the string. Whenever a function sees this null byte, it knows where the string ends and so can work out its length.

So if we want to store a string whose size is n bytes, we need n+1 bytes to store it. Let's make the above string again with size 10 (9 bytes to store the characters and one byte for the null character).

``````
char buff[10];
``````

First we create an array of type char. Its size is 10.

``````
buff[0] = 'H';
buff[1] = 'A';
buff[2] = 'C';
buff[3] = 'K';
buff[4] = 'S';
buff[5] = 'L';
buff[6] = 'A';
buff[7] = 'N';
buff[8] = 'D';
buff[9] = '\0';   /* null byte marks the end of the string */
``````
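The two points above (a function finds the end of a string by scanning for the null byte, and an n-character string needs n+1 bytes) can be checked in code. This is an added example, not code from the original article; the function names `bounded_len`, `walk_to_null` and `store_string` are made up for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Scan at most cap bytes for the null byte. Returns the string length,
   or -1 if the buffer holds no terminator (it is not a valid C string). */
long bounded_len(const char *buf, size_t cap)
{
    const char *end = memchr(buf, '\0', cap);
    return end ? (long)(end - buf) : -1;
}

/* What string functions do internally: walk until the null byte.
   Only safe when the caller guarantees a terminator exists. */
size_t walk_to_null(const char *s)
{
    size_t n = 0;
    while (s[n] != '\0')
        n++;
    return n;
}

/* Store src in dst only if its n characters plus the null byte fit. */
int store_string(char *dst, size_t cap, const char *src)
{
    size_t n = strlen(src);
    if (n + 1 > cap)
        return -1;              /* no room for the terminator */
    memcpy(dst, src, n + 1);    /* copies the null byte too */
    return 0;
}

int main(void)
{
    /* Constructed sample data: the article's word in 9 and 10 cells. */
    char nine[9] = {'H','A','C','K','S','L','A','N','D'};
    char ten[10] = {'H','A','C','K','S','L','A','N','D','\0'};
    char dst9[9], dst10[10];

    printf("9 cells:  bounded_len = %ld\n", bounded_len(nine, sizeof nine));
    printf("10 cells: bounded_len = %ld\n", bounded_len(ten, sizeof ten));
    printf("10 cells: walk_to_null = %zu\n", walk_to_null(ten));
    printf("store into 9:  %d\n", store_string(dst9, sizeof dst9, "HACKSLAND"));
    printf("store into 10: %d\n", store_string(dst10, sizeof dst10, "HACKSLAND"));
    return 0;
}
```

`walk_to_null` is never called on the nine-cell array: with no terminator inside the buffer, it would keep reading into whatever data follows the array in memory.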
