This repository contains the code of a simple program in the C programming language, in which it is possible to perform a buffer overflow attack. The simple_programm program in the Makefile is defined to build with the disable canary flag which is designed to protect against this type of attack (to enable the demonstration). The repository also contains code in the Python programming language, through which this type of attack is carried out.
Step 1
- Go to home directory and clone repository from github:
cd ~ && git clone https://SergeyIvanovDevelop@github.com/SergeyIvanovDevelop/Buffer-Overflow-Attack
Step 2
- Go to the directory of the downloaded repository:
cd ~/Buffer-Overflow-Attack
Step 3
- Installing dependencies:
pip3 install -r ./requirements.txt
Step 4
- Build the
Cprogram:make -f Makefile
Step 5
- Execute the
Pythonscript:python3 exploit.py
If a command line prompt appears in the terminal where the Python script was executed, this means that all actions have been performed correctly and the attack has been successfully carried out (the win(void) function was called from the simple_program program, although this function is not called anywhere in this program). An attacker through a vulnerability in a C program was able to gain access to the system.
Buffer-Overflow-Attack is CC BY-NC-SA 3.0 licensed.