Basic exploitation in a variety of languages
overflow.c is a basic buffer overflow in C. It declares two char buffers, buffer_one and buffer_two, each 8 bytes long (this one tricked me, as you'll see). When I fed this program 8 characters, say AAAAAAAA, I expected no overflow, since the buffer is 8 bytes long. But a C string carries a terminating null byte, and strcpy copies that terminator along with the characters, so an 8-byte buffer only has room for 7 characters plus the null byte. 7 is therefore the most characters I can feed this program; an 8th character pushes the null byte past the end of buffer_two. The addresses in the output confirm the layout: buffer_two sits at 0x7ffee943cb78 and buffer_one at 0x7ffee943cb80, exactly 8 bytes apart, so the 9th byte written by strcpy lands on the first byte of buffer_one. Two details worth noticing in the output: the "[STRCPY] copying 8 bytes" line counts only the characters (strlen), not the terminator that strcpy also writes, and the program dies inside the strcpy call itself, because none of the [AFTER] lines print. That immediate crash matches macOS's fortified string functions: Apple's clang compiles strcpy into a fixed-size array as the bounds-checked __strcpy_chk, which traps when the copy would exceed the destination, and zsh reports that trap as "illegal hardware instruction". Here is the output when I input 7 and 8 characters:
titanium@Saads-MBP Desktop % ./overflow AAAAAAA
[BEFORE] buffer_two is at 0x7ffee943cb78 and contains 'two'
[BEFORE] buffer_one is at 0x7ffee943cb80 and contains 'one'
[BEFORE] value is at 0x7ffee943cb64 and is 5 (0x00000005)
[STRCPY] copying 7 bytes into buffer_two
[AFTER] buffer_two is at 0x7ffee943cb78 and contains 'AAAAAAA'
[AFTER] buffer_one is at 0x7ffee943cb80 and contains 'one'
[AFTER] value is at 0x7ffee943cb64 and is 5 (0x00000005)
titanium@Saads-MBP Desktop % ./overflow AAAAAAAA
[BEFORE] buffer_two is at 0x7ffee4144b78 and contains 'two'
[BEFORE] buffer_one is at 0x7ffee4144b80 and contains 'one'
[BEFORE] value is at 0x7ffee4144b64 and is 5 (0x00000005)
[STRCPY] copying 8 bytes into buffer_two
zsh: illegal hardware instruction ./overflow AAAAAAAA
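To make the off-by-one concrete, here is an added example written for this page; it is not the original overflow.c, whose source is not shown above. It lays the two 8-byte buffers out contiguously in one struct with the same 8-byte spacing as the addresses in the transcript, reimplements strcpy by hand so the copy is not swapped for a bounds-checking __strcpy_chk, and goes one step further than the transcript: it shows what an unchecked strcpy does with the 8th character, namely dropping its terminating null byte onto the first byte of buffer_one, and pairs that with a bounded copy that refuses the write instead. All names here (frame, naive_strcpy, overflow_demo, bounded_copy) are my own and not from the original program.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8

/* 16 contiguous bytes: buffer_two occupies [0,8), buffer_one occupies
 * [8,16), matching the 8-byte spacing of the addresses in the transcript
 * (0x...b78 and 0x...b80). One flat array keeps the demo well-defined no
 * matter how the compiler orders separate local variables. */
struct frame {
    unsigned char bytes[2 * BUF_SIZE];
};

#define BUFFER_TWO(f) ((char *)(f)->bytes)
#define BUFFER_ONE(f) ((char *)(f)->bytes + BUF_SIZE)

/* Hand-written strcpy: copies every character of src AND the terminating
 * NUL. Spelled out so the call is not rewritten into the bounds-checking
 * __strcpy_chk that Apple clang substitutes on macOS. */
static char *naive_strcpy(char *dst, const char *src)
{
    char *d = dst;
    while ((*d++ = *src++) != '\0')
        ;
    return dst;
}

/* Bytes strcpy actually writes for src: strlen(src) characters plus one
 * NUL. A "[STRCPY] copying N bytes" line based on strlen undercounts by 1. */
size_t bytes_strcpy_writes(const char *src)
{
    return strlen(src) + 1;
}

/* 1 if strcpy(dst, src) stays inside a dst of dst_size bytes, else 0. */
int strcpy_fits(const char *src, size_t dst_size)
{
    return bytes_strcpy_writes(src) <= dst_size;
}

/* Vulnerable path: initialise both buffers, copy src into buffer_two with
 * strcpy semantics, and return the first byte of buffer_one afterwards.
 * 'o' means buffer_one survived; 0 means the terminating NUL landed on
 * buffer_one[0] (the 8-character case). Caller must keep src under 16 bytes
 * so the write stays inside the struct. */
int overflow_demo(struct frame *f, const char *src)
{
    memcpy(BUFFER_TWO(f), "two", 4);
    memcpy(BUFFER_ONE(f), "one", 4);
    naive_strcpy(BUFFER_TWO(f), src);   /* overflows when !strcpy_fits(src, BUF_SIZE) */
    return (unsigned char)BUFFER_ONE(f)[0];
}

/* Hardened path: refuse the copy when it would not fit, leave dst untouched
 * and return -1; otherwise copy (terminator included) and return the byte
 * count written. */
int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    size_t need = bytes_strcpy_writes(src);
    if (need > dst_size)
        return -1;
    memcpy(dst, src, need);
    return (int)need;
}

int main(int argc, char **argv)
{
    struct frame f;
    char safe[BUF_SIZE];
    /* Constructed default input: the 8 A's that crashed the original program. */
    const char *input = argc > 1 ? argv[1] : "AAAAAAAA";

    if (bytes_strcpy_writes(input) > sizeof f.bytes) {
        fprintf(stderr, "input too long for this demo (max %zu chars)\n",
                sizeof f.bytes - 1);
        return 1;
    }
    printf("strcpy writes %zu bytes for %zu characters\n",
           bytes_strcpy_writes(input), strlen(input));
    if (!strcpy_fits(input, BUF_SIZE))
        printf("does not fit in %d bytes: buffer_one will be clobbered\n", BUF_SIZE);

    overflow_demo(&f, input);
    printf("[AFTER] buffer_two contains '%s', buffer_one contains '%s'\n",
           BUFFER_TWO(&f), BUFFER_ONE(&f));

    if (bounded_copy(safe, sizeof safe, input) < 0)
        printf("bounded_copy refused %zu bytes into %zu-byte buffer\n",
               bytes_strcpy_writes(input), sizeof safe);
    else
        printf("bounded_copy stored '%s'\n", safe);
    return 0;
}
```

Run it with no arguments to reproduce the 8-character case, or pass a 7-character string to see buffer_one survive. The refusal in bounded_copy is the point: checking strlen(src) + 1 against the destination size before copying is the whole fix, and it is also exactly the check the fortified __strcpy_chk performs for you on macOS.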