static char overflow

From: melsa (3melsa3at_private)
Date: Wed May 01 2002 - 13:14:10 PDT


    Hi,
    I want to learn a little bit more about buffer overflows.
    
    The standard example in many buffer overflow tutorials is
    ----------------------------------------------------------
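    #include <stdio.h>
    #include <string.h>

    int main(int argc, char **argv)
    {
        char buf[1024];        /* automatic (stack) buffer */
        strcpy(buf, argv[1]);  /* unbounded copy: the overflow under discussion */
        printf("%s", buf);
        return 0;
    }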
    ---------------------------------------------------
    
    This is very easy to explore, because eip is behind the buffer.
    
    But what about the heap?
    
    ----------------------------------------------------------
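    #include <stdio.h>
    #include <string.h>

    int main(int argc, char **argv)
    {
        static char buf[1024]; /* static storage duration: not on the stack */
        strcpy(buf, argv[1]);  /* unbounded copy, same as the first example */
        printf("%s", buf);
        return 0;
    }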
    ---------------------------------------------------
    
    What can you overwrite here to jump into the shellcode?
    I have read the w00w00 tutorial, but it doesn't help me.
    


