Skip to main content
Information Security

Questions tagged [stack-overflow]

Ask Question

The tag has no summary.

58 questions
Newest Active Bountied Unanswered
1 vote
0 answers
134 views

In this topic, 'be vulnerable to stack overflow attack' actually refer to an attacker manipulating the return address of a function to perform a control flow hijacking. Smashing the stack by ...
hackme's user avatar
  • 11
24 votes
5 answers
6k views

I’ve been diving into the world of buffer overflow vulnerabilities and their exploitation, which has been both challenging and fascinating. However, I’ve recently hit a mental roadblock and would love ...
Andrea Signori's user avatar
  • 350
1 vote
0 answers
61 views

I'm trying to overwrite the return address caused by a buffer overflow. I've already calculated the distance between the buffer and the return address. The address that I want to jump to is ...
CJG's user avatar
  • 81
0 votes
1 answer
348 views

#include <stdio.h> #include <stdlib.h> void reading(); void reading_hexa(char*); void secret(); int main() { reading(); printf("Input done\n"); exit(0); } void ...
user88178's user avatar
  • 1
1 vote
1 answer
173 views

So I try to understand stack based buffer-overflow but now I am stuck. This is the vulnerable function (32 bit ELF). int test(char* input) { char buf[100]; printf("Buffer is at %p\n",...
user avatar
1 vote
2 answers
361 views

I have heard that DDoS and DoS attacks work most of the time and that they are used when SQL insertion and other methods fail. I know Stack Exchange has a lot of programmers, and that they have this ...
anon's user avatar
  • 13
1 vote
1 answer
1k views

I'm trying to understand why stack canaries are not enabled by default. It makes sense to me that they should be, given the interest in security? https://stackoverflow.com/questions/49693870/stack-...
vy32's user avatar
  • 537
0 votes
0 answers
226 views

I have the following problem: I have this C program and I have done buffer overflow using ROP gadgets. I have a problem with the output. I want to stop the printf() call in the vuln function to get ...
Flowless Man's user avatar
  • 1
0 votes
1 answer
289 views

I tried to google this topic but most of them are conflicting each other. On the other side, I found a case where I can use either stack (local variable) or heap for a dynamic string. It's C by the ...
Thor-x86_128's user avatar
  • 133
1 vote
1 answer
1k views

I'm stuck on the Heap1 challenge from Exploit Education. After compiling the source code in a 64bit system, without any security mechanism, I try to overflow the heap in order to overwrite the main ...
rme's user avatar
  • 21
1 vote
0 answers
413 views

I was practicing stack buffer exploitation on a well known application I was able to bypass canaries, ASLR and nx bit with techniques easily found on the internet However it has fortify-source enabled ...
boredaf's user avatar
  • 153
2 votes
1 answer
231 views

According to this paper on defeating stackguard, it seems canaries are placed lower in the stack (higher address) than EBP, allowing the attacker to overwrite EBP without being noticed. But when I ...
hehehe's user avatar
  • 21
0 votes
2 answers
950 views

I have been conducting some minor research into the various forms of exploitation, such as buffer overflows and similar. Most tutorials seem to focus on executing shellcode, that is code which ...
questioner's user avatar
  • 231
1 vote
0 answers
175 views

I am preparing for an exam in Computer Security and doing a past-exam without soluions, so I wanted to check if my reasoning holds on a question about stack overflow. Below is the C code in question. ...
Unknown's user avatar
  • 23
1 vote
1 answer
2k views

So I hope I'm phrasing this right. I'm trying to exploit a piece of c code which you can see below. #include <stdlib.h> #include <unistd.h> #include <stdio.h> #include <string.h&...
Fiach ONeill's user avatar
  • 31

15 30 50 per page
1
2 3 4