Help with this.

From: Agent Smith (shade_rendererat_private)
Date: Mon Jul 14 2003 - 10:21:37 PDT

  • Next message: wirepair: "Named Pipe Impersonation -> CreateProcessAsUser();"

    I'm starting to do win32 exploits and shellcoding, but I hit a problem when 
    a supposed vulnerable program won't segfault when run on my machine.
    
    I wrote it in dev-cpp's IDE with the console mode template. When run on the command 
    line on Windows 2000 Professional;
    
    [ the A's were on the commandline, email client put it below]
    
    C:\sources\vuln1 
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                           [pretty sure it was sufficient]
    
    C:\sources\
    
    When finished running, there is nothing: no output, no errors, no pop-up 
    boxes. Tried it as a regular user and as administrator.
    
    However, when run with the same arguments on Windows Millennium, a standard 
    pop-up comes up stating that vuln1 has caused an error in <unknown> module 
    and will be shut down. No detail button on the dialog though.
    
    
    vuln1.c
    --------------------------------------------
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>   /* for strcpy(); the original omitted this and relied on an implicit declaration */
    
    int main(int argc, char *argv[])
    {
        char buffer[30];   /* 30-byte stack buffer, never length-checked */
    
        if(argc > 1)
        {
            /* unbounded copy: an argv[1] longer than 29 characters runs past buffer */
            strcpy(buffer, argv[1]);
        }
    
        return(0);
    }
    
    Maybe dev-cpp changes the way strcpy functions? Or does win2k work differently 
    than I expect? I've done exploits with Linux and BSD, and to my knowledge 
    this should be the same. Any help would be greatly appreciated.
    
    
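The following is an added example, not code from the post above or from the Dev-C++ toolchain it mentions. It replays the vuln1 pattern (an unbounded strcpy into a 30-byte buffer) against a struct that stands in for the memory just past the buffer, so the overwrite can be observed directly instead of waiting for a crash. The struct layout is an assumption made for the demonstration and is not the real Win32 stack frame; the run of 'A's is constructed inline, like the argv[1] in the post. The point it makes is that a silent run does not mean the copy stayed inside the buffer: the bytes past the buffer are overwritten either way, and whether the process dies depends only on what later uses them.

```c
#include <stdio.h>
#include <string.h>

/*
 * Stand-in for the memory just past vuln1's buffer[30]. It is a model,
 * not the real Win32 stack frame: C lays struct members out in
 * declaration order at increasing offsets, so an overflow of `buffer`
 * reaches `guard`, then `saved_ret`, then the scratch tail. The tail is
 * there only so a long payload stays inside memory this program owns
 * instead of smashing the caller's frame.
 */
struct frame_model {
    char buffer[30];
    unsigned char guard[2];    /* padding up to a 4-byte boundary */
    unsigned int saved_ret;    /* plays the part of a saved return address */
    char tail[256];            /* scratch space for the rest of the payload */
};

#define UNTOUCHED       0xdeadbeefu   /* saved_ret before the copy */
#define MODEL_TOO_SMALL 0xffffffffu   /* input would not fit even the model */

/* Byte-for-byte copy with no bound, which is all strcpy does. Written out
 * (and through a volatile pointer) so the compiler cannot swap in a
 * bounds-checked builtin or assume the out-of-array stores never happen. */
static void unbounded_copy(volatile char *dst, const char *src) {
    while (*src) *dst++ = *src++;
    *dst = '\0';
}

/* Replays the vuln1 pattern against the model and reports what ends up in
 * saved_ret: UNTOUCHED if the input fit, 0x41414141 if four 'A's landed
 * on it. The overwrite happens whether or not anything crashes. */
unsigned int overflow_saved_ret(const char *input) {
    volatile struct frame_model f;
    if (strlen(input) >= sizeof f)
        return MODEL_TOO_SMALL;
    f.saved_ret = UNTOUCHED;
    unbounded_copy(f.buffer, input);
    return f.saved_ret;
}

/* Constructed payload: `count` 'A's then a NUL, like argv[1] in the post.
 * `out` must have room for count + 1 bytes. */
char *build_payload(char *out, size_t count) {
    memset(out, 'A', count);
    out[count] = '\0';
    return out;
}

/* Same replay, taking only the number of 'A's. */
unsigned int overflow_with_count(size_t count) {
    char payload[256];
    if (count >= sizeof payload)
        return MODEL_TOO_SMALL;
    return overflow_saved_ret(build_payload(payload, count));
}

/* The fix: refuse input that does not fit, NUL included.
 * Returns 0 on success, -1 when strcpy would have overflowed. */
int bounded_copy(char *dst, size_t dstsize, const char *src) {
    size_t n = strlen(src);
    if (dstsize == 0 || n >= dstsize)
        return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

/* bounded_copy into a 30-byte buffer for a payload of `count` 'A's. */
int bounded_copy_with_count(size_t count) {
    char payload[256], dst[30];
    if (count >= sizeof payload)
        return -1;
    return bounded_copy(dst, sizeof dst, build_payload(payload, count));
}

int main(void) {
    printf("saved_ret after 5 x 'A'   : 0x%08x\n", overflow_with_count(5));
    printf("saved_ret after 200 x 'A' : 0x%08x\n", overflow_with_count(200));
    printf("bounded_copy, 29 x 'A'    : %d\n", bounded_copy_with_count(29));
    printf("bounded_copy, 30 x 'A'    : %d\n", bounded_copy_with_count(30));
    return 0;
}
```

A 29-character argument is the longest that fits buffer[30] with its terminating NUL; anything longer already spills, and by 36 characters every byte of the model's saved_ret has been replaced by 0x41. bounded_copy shows the minimal fix: check the length against the destination size before copying, and reject (or truncate) rather than run off the end.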



    This archive was generated by hypermail 2b30 : Mon Jul 14 2003 - 12:01:43 PDT