{"id":277,"date":"2020-02-24T22:56:45","date_gmt":"2020-02-24T22:56:45","guid":{"rendered":"https:\/\/codesupply.co\/nisi-dolor-etiam-eleifend-pretium-libero-quis-amet-nam-vel-a-consequat-penatibus\/"},"modified":"2022-11-12T19:02:45","modified_gmt":"2022-11-12T19:02:45","slug":"buffer-overflow-stack-overflow-c-programming-lab-project","status":"publish","type":"post","link":"https:\/\/nootherjake.com\/blog\/buffer-overflow-stack-overflow-c-programming-lab-project\/","title":{"rendered":"Buffer Overflow &#8211; Stack overflow &#8211; C Programming  Lab Project"},"content":{"rendered":"<p><strong>Prerequisites:<\/strong><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Virtual Machine<\/span>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">This lab will use Kali Linux\u00a0<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"3\"><span style=\"font-weight: 400;\">Visual Studio Code will be used, feel free to use VIM<\/span><\/li>\n<\/ul>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">HASHES (SHA256)<\/span>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">Kali Linux (VMWare): e4c6999edccf27f97d4d014cdc66950b8b4148948abe8bb3a2c30bbc0915e95a<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">VS Code: c492f27036cb499b5c962e9ac89e1438c78af88bd26d01b851c54d5ba192f730<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>INTRODUCTION:<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">Buffer Overflows have been a cyber security threat for more than 45 years. With no sign of stopping. However, concepts such as a Stack, Buffer, and Memory Addresses might be lacking when most guides simply show how to perform a Buffer Overflow over explaining why a Buffer Overflow is possible [1][2].<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The goal of this lab is to present an entry-level program to test the inner workings of what entails a Buffer Overflow.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">STEP 1 (Setting up the Code):<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Part 1<\/span><\/p>\n<figure id=\"attachment_4313\" aria-describedby=\"caption-attachment-4313\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4313\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/Program1-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4313\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<p><span style=\"font-weight: 400;\">Using the code in Figure 1, please save it to your Desktop Directory.<\/span><\/p>\n<figure id=\"attachment_4324\" aria-describedby=\"caption-attachment-4324\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4324\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.08.37-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4324\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<p><i><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4325\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.02-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/> <img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4326\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.07.48-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><\/span><\/i><\/p>\n<p><span style=\"font-weight: 400;\">Part 2<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Change directories to the saved file and run, as seen in Figure 2 :<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">gcc \u201cfilename.c\u201d -o \u201cnewfilename\u201d<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">chmod 777 \u201cnewfilename\u201d<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/\u201dnewfilename\u201d<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">STEP 2 (Buffer Overflow?):<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As you can see in Figure 3, the buffer size for the string is 25 characters. What would happen if we added more than 25?<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4327\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.18-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><\/p>\n<figure id=\"attachment_4328\" aria-describedby=\"caption-attachment-4328\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4328\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.18.51-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4328\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<figure id=\"attachment_4329\" aria-describedby=\"caption-attachment-4329\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4329\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.19.53-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4329\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">Run the following:<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">python -c \u201cprint(\u2018A\u2019 * 21)\u201d | .\/buffer2<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As we can see in Figure 5 the code executes normally.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">Now try the following:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">python -c \u201cprint(\u2018A\u2019 * 64)\u201d | .\/\u201dnewfilename\u201d<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Segmentation Fault! We have performed a Buffer Overflow!<\/span><\/p>\n<figure id=\"attachment_4330\" aria-describedby=\"caption-attachment-4330\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4330\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.17-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4330\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<figure id=\"attachment_4331\" aria-describedby=\"caption-attachment-4331\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4331\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.23.39-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4331\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<figure id=\"attachment_4332\" aria-describedby=\"caption-attachment-4332\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4332\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.00-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4332\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<figure id=\"attachment_4333\" aria-describedby=\"caption-attachment-4333\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4333\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.24.54-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4333\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<figure id=\"attachment_4334\" aria-describedby=\"caption-attachment-4334\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4334\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.25.27-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4334\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<p><span style=\"font-weight: 400;\">STEP 3: Compile the code and prepare the object code for the GDB debugger<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To understand a Buffer Overflow, one must understand how memory works.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Type the command to get the GDB debugger: gcc -g buffer1.c -o buffer1 (Remember that buffer1.c is your file name, you can also use this command: gcc -g buffer1.c)\u00a0<\/span><\/p>\n<p>&nbsp;<\/p>\n<figure id=\"attachment_4335\" aria-describedby=\"caption-attachment-4335\" style=\"width: 3360px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4335\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM.png\" alt=\"Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.26.19-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><figcaption id=\"caption-attachment-4335\" class=\"wp-caption-text\">Buffer Overflow Attack Real-life Example, Buffer Overflow C, Buffer Overflow C Example, Buffer Overflow Code Injection Example, Buffer Overflow Command Line, Buffer Overflow Example, How To Avoid Buffer Overflow In C, How To Check Buffer Overflow In C<\/figcaption><\/figure>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4336\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.38.50-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/> <img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4337\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-1.39.18-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Step 4: Type the command to access the GDB: gdb a.out<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Step 5: Set breaking point by executing the following commands:\u00a0<\/span><\/p>\n<p>&nbsp;<\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">break *main<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">run<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">c<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Input AAA,,,,, to over flow the register<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Info registers<\/span><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">In Figure , we can see the RBP register the base pointer has been overwritten with 0x41, the ascii value for \u2018A\u2019.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4340\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.38.30-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/> <img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4341\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.02-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/> <img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4342\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.43.41-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/> <img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4343\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.44.29-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/> <img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4344\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.48.46-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Step 6: <\/span><span style=\"font-weight: 400;\">Change \u2018<\/span><b>scanf<\/b><span style=\"font-weight: 400;\">\u2018 in the program to \u2018<\/span><b>fgets<\/b><span style=\"font-weight: 400;\">\u2018 to mitigate the buffer overflow in the script<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">STEP 7 (Why do we care?):<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So far, we have only seen our Buffer Overflow crashing the program, but the danger lies in the registers RBP and RSP (Register Stack Pointer). Using a Buffer Overflow, you can manipulate the buffer in a way to change the values of these registers, RBP and RSP, to point to other locations. These locations can be other functions, thus revealing sensitive data, or even reverse shells.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4345\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.34-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/> <img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4346\" src=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM.png\" alt=\"\" width=\"3360\" height=\"2100\" srcset=\"https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM.png 3360w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-300x188.png 300w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-1024x640.png 1024w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-768x480.png 768w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-1536x960.png 1536w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-2048x1280.png 2048w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-380x238.png 380w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-800x500.png 800w, https:\/\/nootherjake.com\/blog\/wp-content\/uploads\/2020\/02\/program-C-error-output-find-buffer-overfiow-integer-array-injection-avoid-code-example-stack-2022-11-05-at-12.54.56-AM-1160x725.png 1160w\" sizes=\"auto, (max-width: 3360px) 100vw, 3360px\" \/><\/p>\n<p><strong>STEP 8 (How Do We Mitigate It?):<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">Change \u2018<\/span><b>scanf<\/b><span style=\"font-weight: 400;\">\u2018 in the program to \u2018<\/span><b>fgets<\/b><span style=\"font-weight: 400;\">\u2018, as seen in Figure 7.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Compile the code as shown in Figure 2 and run the following command to test the Buffer.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">python -c \u201cprint(\u2018A\u2019 * 64)\u201d | .\/\u201dnewfilename\u201d<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Congratulations, you have mitigated the overflow!<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With the successful implantation of,\u00a0<\/span><b>fgets<\/b><span style=\"font-weight: 400;\">, we have eliminated the vulnerability. However, we only tested boundary Buffer Overflows, is there another way does <\/span><b>can<\/b><span style=\"font-weight: 400;\">\u00a0allow a Buffer Overflow and not\u00a0<\/span><b>fgets<\/b><span style=\"font-weight: 400;\">?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">REFERENCES:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">[1] NIST, \u201cComputer Security Technology Planning Study,\u201d Oct. 1972.\u00a0<\/span><a href=\"https:\/\/csrc.nist.gov\/csrc\/media\/publications\/conference-paper\/1998\/10\/08\/proceedings-of-the-21st-nissc-1998\/documents\/early-cs-papers\/ande72.pdf\"><span style=\"font-weight: 400;\">https:\/\/csrc.nist.gov\/csrc\/media\/publications\/conference-paper\/1998\/10\/08\/proceedings-of-the-21st-nissc-1998\/documents\/early-cs-papers\/ande72.pdf<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">[2] NVD, \u201cCVE-2018-17439 Detail,\u201d Sep. 2018.\u00a0<\/span><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-17439\"><span style=\"font-weight: 400;\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-17439<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">[3]<\/span><span style=\"font-weight: 400;\">https:\/\/www.youtube.com\/playlist?list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G<\/span><\/p>\n<p><span style=\"font-weight: 400;\">[4] 0xrick, \u201cWhy Do Buffer Overflows Happen,\u201d Dec. 2018.\u00a0<\/span><a href=\"https:\/\/0xrick.github.io\/binary-exploitation\/bof1\/\"><span style=\"font-weight: 400;\">https:\/\/0xrick.github.io\/binary-exploitation\/bof1\/<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">[5] of Syracuse, \u201cBuffer-Overflow Vulnerabilites and Attacks,\u201d Oct. 2013.\u00a0<\/span><a href=\"http:\/\/www.cis.syr.edu\/~wedu\/Teaching\/IntrCompSec\/LectureNotes_New\/Buffer_Overflow.pdf\"><span style=\"font-weight: 400;\">http:\/\/www.cis.syr.edu\/~wedu\/Teaching\/IntrCompSec\/Lect<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"Congratulations, you have mitigated the overflow!\n","protected":false},"author":1,"featured_media":4350,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"gallery","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"csco_singular_sidebar":"default","csco_page_header_type":"full","csco_page_load_nextpost":"default","csco_post_video_location":[],"csco_post_video_url":"","csco_post_video_bg_start_time":0,"csco_post_video_bg_end_time":0,"footnotes":""},"categories":[2],"tags":[32,33,34,35,36,37,38,39],"class_list":{"0":"post-277","1":"post","2":"type-post","3":"status-publish","4":"format-gallery","5":"has-post-thumbnail","7":"category-pentest","8":"tag-buffer-overflow-attack-real-life-example","9":"tag-buffer-overflow-c","10":"tag-buffer-overflow-c-example","11":"tag-buffer-overflow-code-injection-example","12":"tag-buffer-overflow-command-line","13":"tag-buffer-overflow-example","14":"tag-how-to-avoid-buffer-overflow-in-c","15":"tag-how-to-check-buffer-overflow-in-c","16":"post_format-post-format-gallery","17":"cs-entry","18":"cs-video-wrap"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/posts\/277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/comments?post=277"}],"version-history":[{"count":3,"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/posts\/277\/revisions"}],"predecessor-version":[{"id":4349,"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/posts\/277\/revisions\/4349"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/media\/4350"}],"wp:attachment":[{"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/media?parent=277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/categories?post=277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nootherjake.com\/blog\/wp-json\/wp\/v2\/tags?post=277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}