Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my
gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a
../test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated
i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i
can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that :) , thanx in advance
#include <stdio.h>
#include <string.h>
void hidden_function()
{
printf("you find me :) \n");
}
main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;
}
5  1994 
Arquitecto wrote:
Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my
gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a
./test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated
i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i
can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that :) , thanx in advance
#include <stdio.h>
#include <string.h>
void hidden_function()
{
printf("you find me :) \n");
}
main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;
}
Look. If you want a class about how to write a virus/malicious software
please go somewhere else.
Arquitecto wrote:
Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
#include <stdlib.h>
#define main foo
#include "your_code.c"
#undef main
int
main( void )
{
hidden_function();
return EXIT_SUCCESS;
}
This protects you entirely from the buffer overflow present
in your main routine. :)
To jacob ,
i prefer to post your thought on that subject and not judge the
content . I am here to learn and spent my replies replying on usefull
answers ... really sorry for ur answer .. No i will not hack your PC
by discussing how some things work .And i think bypassing some
protections is a challenge for solving and i am here to discuss all
those things .
to William Pursell ,
yea this is usefull if have the source file and is a nice thing i
didnt knew . thanks for the answer . but if you dont have the source
code to include ?? and you only have the binary and now that a hidden
function exists .
And if some people think that i ask how to hack the planet dont worry
you are safe :P
jacob navia :
Arquitecto wrote:
Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my
gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a
./test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated
i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i
can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that :) , thanx in advance
#include <stdio.h>
#include <string.h>
void hidden_function()
{
printf("you find me :) \n");
}
main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;
}
Look. If you want a class about how to write a virus/malicious software
please go somewhere else.
Arquitecto <x31...@gmail.comwrote:
To jacob ,
i prefer to post your thought on that subject
and not judge the content .
Your subject is how to detect buffer overflow when all you
have is the binary. Since you don't have a question about
the C language, I'm afraid your post isn't topical in
comp.lang.c.
I am here to learn and spent my replies replying on
usefull answers ... really sorry for ur answer .. No
i will not hack your PC by discussing how some things
work .And i think bypassing some
protections is a challenge for solving
Perhaps, but it is not topical here.
and i am here to discuss all
those things .
And we're not preventing you from discussing them, we're
just asking that you discus them in a group where it is
topical.
More than happy to help you with any C issues you might
have.
--
Peter
On Jul 3, 11:09 pm, Arquitecto <x31...@gmail.comwrote:
Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my
gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a
./test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated
i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i
do strings,nm,obj command, you'll get more info (i am not expert in
this,but why not to try!)
I found the interesting material here (NOT Related to C) for the kind
of thing you are trying to do. http://cr.yp.to/2004-494.html
can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that :) , thanx in advance
#include <stdio.h>
#include <string.h>
void hidden_function()
{
printf("you find me :) \n");
}
main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;
}- Hide quoted text -
- Show quoted text -
regretting for replying to possible off-topic
-Raxit This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Carramba |
last post by:
hi!
I don't have eny code to chare, this is just teoretical question.
usualy you have for looks like
<form method="POST" action="some_php_script.php">
namn: <input type="text" name="name"...
|
by: lawrence |
last post by:
Can anyone tell me why this code works in Netscape 7.1 but not in
IE???
<SCRIPT type='text/javascript'>
function makeVisible(nameOfDiv) {...
|
by: moondaddy |
last post by:
I'm using vb.net and have an aspx page where I want to call a function in
the code behind to do something on the backend and I want to call this
function from a jscript function in the aspx page. ...
|
by: Rob Shorney |
last post by:
Hi,
I am using .Net 2003 , c# asp.net.
The situation i have is this. I have a asp.net page which in the codebehind
maintains an xml document in memory. The user can click on a button to popup
a...
|
by: CBFalconer |
last post by:
We often find hidden, and totally unnecessary, assumptions being
made in code. The following leans heavily on one particular
example, which happens to be in C. However similar things can (and...
|
by: Angus |
last post by:
I have a web page with a toolbar containing a Save button. The Save
button can change contextually to be a Search button in some cases.
Hence the button name searchsavechanges.
The snippet of...
|
by: Jimmy |
last post by:
It is also possible for popup window to call function in main window
by using the opener property. Will "opener.someFunctionInMain(param1,
param2)" in the popup window work?
It's possible for...
|
by: nickyspace |
last post by:
HI
all
I have a little issue with this php code. Below is the code
CODE: PHP
1.<?
|
by: Astley Le Jasper |
last post by:
Sorry for the numpty question ...
How do you find the reference name of an object?
So if i have this
bob = modulename.objectname()
how do i find that the name is 'bob'
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| | |
