Skip to content
master
Switch branches/tags
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 

README.md

[]: {{{1

File        : README.md
Maintainer  : Felix C. Stegerman <flx@obfusk.net>
Date        : 2015-03-29

Copyright   : Copyright (C) 2015  Felix C. Stegerman
Version     : v0.0.1

[]: }}}1

Description

simple-stack-exploit - a simple demo exploit

NB: be careful when running any of the echoers -- especially the server -- so your computer doesn't get exploited unintentionally.

There are three echoers with slightly different implementations that can all be exploited by the exploit.py script. For more information, see the source ;-)

Note that the echoers contain intentional buffer overflows and uncontrolled format strings and are compiled without stack protection and linked with an executable stack. Real world exploits are (hopefully) a bit more difficult.

$ cd echoer && make
$ ( ../exploit.py; cat ) | ./echoer1_INSECURE
$ ( ../exploit.py; cat ) | ./echoer2_INSECURE
$ ( ZEROES=yes ../exploit.py; cat ) | ./echoer3_INSECURE

License

GPLv3+ [1].

References

[1] GNU General Public License, version 3 --- https://www.gnu.org/licenses/gpl-3.0.html

[]: ! ( vim: set tw=70 sw=2 sts=2 et fdm=marker : )

About

simple-stack-exploit - a simple demo exploit

Resources

Releases

No releases published

Packages

No packages published