While trying to follow this tutorial: https://sploitfun.wordpress.com/2015/05/08/classic-stack-based-buffer-overflow/
I tried to do it the same way in GDB, and the result was:
Input:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Program received signal SIGSEGV, Segmentation fault.
0x00000000004005bd in main (argc=2, argv=0x7fffffffdda8) at vuln.c:9 9 }
If anyone knows why, I'd be glad to hear it.
Thanks in advance.
EDIT: I installed 32-bit Ubuntu because -m32 wasn't working properly, and it works with 32-bit Ubuntu.
Answer 0 (score: 1)
"If anyone knows why"
Because it should. From your reference:
$ gdb -q vuln
Reading symbols from /home/sploitfun/lsploits/new/csof/vuln...done.
(gdb) r `python -c 'print "A"*300'`
Starting program: /home/sploitfun/lsploits/new/csof/vuln `python -c 'print "A"*300'`
Input:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Program received signal SIGSEGV, Segmentation fault.
0x41414141 in ?? ()
(gdb) p/x $eip
$1 = 0x41414141
Now, your observation is different:
Program received signal SIGSEGV, Segmentation fault.
0x00000000004005bd in main (argc=2, argv=0x7fffffffdda8) at vuln.c:9 9 }
But that's because you built the binary in 64-bit mode, while the original was built in 32-bit mode.
If you add the -m32 flag to the compile and link commands, you should be able to follow the original more closely.
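Added example, not from the question, the answer, or the sploitfun tutorial: a POSIX shell check of the ELF class byte (EI_CLASS) that confirms whether a binary such as `vuln` was actually built 32- or 64-bit before you start a GDB session, since that is the whole difference behind the two crash reports above. The header bytes it tests against are constructed 16-byte samples, not real binaries.

```sh
#!/bin/sh
# elf_class FILE: print 32 or 64 for an ELF file, "not-elf" otherwise.
# Bytes 0-3 are the magic 7f 45 4c 46 ("\177ELF");
# byte 4 is EI_CLASS: 1 = ELFCLASS32, 2 = ELFCLASS64.
elf_class() {
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    [ "$magic" = "7f454c46" ] || { echo not-elf; return 1; }
    class=$(od -An -tu1 -j4 -N1 "$1" | tr -d ' \n')
    case "$class" in
        1) echo 32 ;;
        2) echo 64 ;;
        *) echo unknown; return 1 ;;
    esac
}

# expect_class FILE BITS: succeed only if FILE is an ELF of that width,
# so a debugging script can refuse to run against the wrong build
# (a 64-bit vuln built without -m32, for example).
expect_class() {
    got=$(elf_class "$1") || return 1
    [ "$got" = "$2" ]
}

# Constructed sample headers (e_ident only), labelled as such; not real ELF files.
tmp=${TMPDIR:-/tmp}/elfclass.$$
mkdir -p "$tmp"
trap 'rm -rf "$tmp"' EXIT
printf '\177ELF\001\001\001\000\000\000\000\000\000\000\000\000' > "$tmp/hdr32"
printf '\177ELF\002\001\001\000\000\000\000\000\000\000\000\000' > "$tmp/hdr64"
printf 'not an elf\n' > "$tmp/text"

elf_class "$tmp/hdr32"                      # 32
elf_class "$tmp/hdr64"                      # 64
elf_class "$tmp/text" || echo "(refused)"   # not-elf
```

On a 64-bit Ubuntu, `gcc -m32` additionally needs the gcc-multilib package for the 32-bit headers and libraries; `file vuln` reports the same ELF class as this check.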