A basic project that demonstrates process injection into a program with a buffer overflow vulnerability, for use in a secure testing and development environment.
- src/vulnerable.c: The vulnerable program that contains a buffer overflow vulnerability.
- src/exploit.c: The program to exploit the vulnerability (optional).
- src/injector.c: A shellcode process injector; it injects shellcode into the vulnerable program.
- docs/exploit_flow.md: A document explaining the technical flow of the exploit.
- Ensure you have a C compiler (such as MinGW GCC) installed.
- Clone this repository or download the project files.
- Navigate to the project directory and run the following command to compile all files:
make all
The compiled binaries will be placed in the build/ directory.
- Use this command to remove the compiled files:
make clean
- Start the Vulnerable Program: First, start the vulnerable program that contains the buffer overflow vulnerability:
./build/vulnerable
- Run the Injector: In a split or separate terminal, run the injector to inject the shellcode into the vulnerable program:
./build/injector
- Observe the Result: Once the injector successfully injects the shellcode, the payload (shellcode) will execute within the vulnerable process, spawning a shell.
- A Windows machine or environment (if using MinGW for compilation).
- GCC or another C compiler.
This project is for educational purposes only. The buffer overflow exploit and injector are meant to demonstrate how vulnerabilities can be exploited in a controlled environment. Please do not use this code in unauthorized environments.