Skip to content

obfusk/simple-stack-exploit

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
echoer
 
 
tools
 
 
.gitignore
 
 
Makefile
 
 
README.md
 
 
exploit.py
 
 
Description License References

README.md

[]: {{{1

File        : README.md
Maintainer  : Felix C. Stegerman <flx@obfusk.net>
Date        : 2015-03-29

Copyright   : Copyright (C) 2015  Felix C. Stegerman
Version     : v0.0.1

[]: }}}1

Description

simple-stack-exploit - a simple demo exploit

NB: be careful when running any of the echoers -- especially the server -- so your computer doesn't get exploited unintentionally.

There are three echoers with slightly different implementations that can all be exploited by the exploit.py script. For more information, see the source ;-)

Note that the echoers contain intentional buffer overflows and uncontrolled format strings and are compiled without stack protection and linked with an executable stack. Real world exploits are (hopefully) a bit more difficult.

$ cd echoer && make
$ ( ../exploit.py; cat ) | ./echoer1_INSECURE
$ ( ../exploit.py; cat ) | ./echoer2_INSECURE
$ ( ZEROES=yes ../exploit.py; cat ) | ./echoer3_INSECURE

License

GPLv3+ [1].

References

[1] GNU General Public License, version 3 --- https://www.gnu.org/licenses/gpl-3.0.html

[]: ! ( vim: set tw=70 sw=2 sts=2 et fdm=marker : )

About

simple-stack-exploit - a simple demo exploit

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages