A buffer overflow program in C
This is a team assignment. The requirement is to perform a buffer overflow that passes in shell-code. The project uses a Perl script to run the exploit. Supported operating systems are Linux (using the gcc compiler) and Windows (using the Borland compiler). Mac is currently not supported.
Team name is 'shell-code'; members: Tim Unger, Sam Gronhovd, Will Czifro.
Screenshots of it running successfully are located in `results/`. There you will see it jumping to the bar function on both Windows and Linux, as well as proof of it spawning a shell on Linux. An assembly version of the shellcode is provided as well in `src/`. The assembly only supports spawning a Linux shell, and the Makefile does not support compiling it.
The Linux version has been tested on Ubuntu 14.04 LTS and can successfully spawn a shell.
- clone the repo
- turn off ASLR using `sudo sysctl -w kernel.randomize_va_space=0`; this forces the program to use the same addresses on each execution
- in the repo directory, run `make linux-stack-overrun` to compile the C program in 32-bit mode (64-bit is not supported)
- if you get an error, you will need to install `libc6-dev-i386` to compile as 32-bit
- run `perl Linux-HackOverrun.pl` to run the exploit that calls a different function defined in the C program
- if it does not work right away, you may need to change the address in the script to the one printed out for the bar function (in reverse byte order)
- to open a shell with the buffer overflow exploit, run `perl Shell-HackOverrun.pl`
- if it does not work right away, you may need to change the address it jumps to (`$shell_code_address` in the Perl script); the console output prints the address of the shellcode
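The stack overrun the steps above exploit is an unbounded copy into a fixed-size stack buffer. The following is an added example, not code from the shell-code project: a function with that defect beside a bounded form that rejects oversized input instead of writing past the buffer. The names `foo_unsafe` and `foo_safe` and the 16-byte buffer are assumptions. Building with `gcc -fstack-protector-strong -fPIE -pie -Wl,-z,noexecstack` and leaving `kernel.randomize_va_space` at its default of 2 are the standard mitigations against this pattern; the setup above disables ASLR explicitly so the printed addresses stay stable.

```c
/* Added example (not the project's code): unbounded vs. bounded copy
 * into a fixed stack buffer. Names and BUF_SIZE are assumptions. */
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16

/* Vulnerable pattern: strcpy has no length limit, so input longer than
 * BUF_SIZE - 1 bytes runs past buf into the saved frame pointer and the
 * return address above it; overwriting that return address is what
 * redirects execution to bar or to injected shellcode. Calling this with
 * oversized input is undefined behaviour, so this example only ever
 * passes short input to it. Returns the length of the copied string. */
size_t foo_unsafe(const char *input)
{
    char buf[BUF_SIZE];
    strcpy(buf, input);
    return strlen(buf);
}

/* Hardened form: measure the input (stopping at BUF_SIZE so a huge input
 * is not scanned to its end) and refuse anything that does not fit
 * together with its NUL terminator. Returns the copied length, or -1
 * when the input was rejected. */
int foo_safe(const char *input)
{
    char buf[BUF_SIZE];
    size_t len = 0;
    while (len < BUF_SIZE && input[len] != '\0')
        len++;
    if (len >= BUF_SIZE)
        return -1;              /* would overflow: no copy performed */
    memcpy(buf, input, len + 1);
    return (int)len;
}

int main(void)
{
    /* constructed inputs: one that fits, one of 32 'A's that does not */
    printf("foo_safe(\"hello\")      = %d\n", foo_safe("hello"));
    printf("foo_safe(32 x 'A')      = %d\n",
           foo_safe("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"));
    printf("foo_unsafe(\"hello\")    = %zu\n", foo_unsafe("hello"));
    return 0;
}
```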
Development for the Windows version has been limited, so spawning a shell was not accomplished there.
- clone the repo
- install the Borland compiler for Windows, following all of its instructions
- install a Perl interpreter
- run `make win-stack-overrun`
- run `perl Win-HackOverrun.pl`
- if it does not work right away, the address in the script may need to be changed to that of the bar function shown in the console output
This program has malicious potential and should be used with extreme caution. This project is under the MIT License. We accept no liability for any harm that comes from the usage of this code. You use this at your own risk.