https://github.com/scarlet-oni/buffer-overflow-exploits
using a buffer overflow exploit
buffer-overflow buffer-overflow-attack buffer-overflow-exploit c clang exploits
Last synced: 6 months ago
- Host: GitHub
- URL: https://github.com/scarlet-oni/buffer-overflow-exploits
- Owner: scarlet-oni
- Created: 2025-01-14T11:39:59.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2025-02-12T05:48:21.000Z (10 months ago)
- Last Synced: 2025-05-30T17:41:23.303Z (7 months ago)
- Topics: buffer-overflow, buffer-overflow-attack, buffer-overflow-exploit, c, clang, exploits
- Language: C
- Homepage:
- Size: 26.4 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.txt
README
####### ## ## ###### #### ##### #### ###### #####
## # ## ## ## ## ## ## ## ## # ## # ## ##
## # #### ## ## ## ## ## ## ## #
#### ## ##### ## ## ## ## ## #####
## # #### ## ## # ## ## ## ## ##
## # ## ## ## ## ## ## ## ## ## ## ##
####### ## ## #### ####### ##### #### #### #####
_______________________________________________________________________
ABOUT
_______________________________________________________________________
Description: Using a buffer overflow exploit
Repository: Buffer overflow exploits
GCC-Compiler: 14.2.0
Tested on: Linux 6.11.2
Author: scarlet-oni
_______________________________________________________________________
#1 EXAMPLE OVERFLOW
_______________________________________________________________________
gcc example_owerflow.c
./a.out
// The variable buffer_1 is located in memory immediately after buffer_2,
// and 5 bytes are allocated for each of the two strings.
// If the input exceeds the size of the first buffer (buffer_2),
// the extra bytes overwrite the adjacent variables, and from a certain size on the program terminates.
// input 8 bytes
./a.out 12345678
---
[ BEFORE ] buffer_2 info: 0x7ffc9eb5b4d2 | str2
[ BEFORE ] buffer_1 info: 0x7ffc9eb5b4d7 | str1
[ BEFORE ] value info: 0x7ffc9eb5b4dc | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 8 bytes
[ AFTER ] buffer_2 info: 0x7ffc9eb5b4d2 | 12345678
[ AFTER ] buffer_1 info: 0x7ffc9eb5b4d7 | 678
[ AFTER ] value info: 0x7ffc9eb5b4dc | 5 (0x00000000)
// input 10 bytes
./a.out 1234567891
---
[ BEFORE ] buffer_2 info: 0x7ffe162329c2 | str2
[ BEFORE ] buffer_1 info: 0x7ffe162329c7 | str1
[ BEFORE ] value info: 0x7ffe162329cc | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 10 bytes
[ AFTER ] buffer_2 info: 0x7ffe162329c2 | 1234567891
[ AFTER ] buffer_1 info: 0x7ffe162329c7 | 67891
[ AFTER ] value info: 0x7ffe162329cc | 0 (0x00000000)
// input 15 bytes
./a.out 123456789123456
---
[ BEFORE ] buffer_2 info: 0x7ffd0e05b892 | str2
[ BEFORE ] buffer_1 info: 0x7ffd0e05b897 | str1
[ BEFORE ] value info: 0x7ffd0e05b89c | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 15 bytes
[ AFTER ] buffer_2 info: 0x7ffd0e05b892 | 123456789123456
[ AFTER ] buffer_1 info: 0x7ffd0e05b897 | 6789123456
[ AFTER ] value info: 0x7ffd0e05b89c | 892613426 (0x00000000)
// input 25 bytes
./a.out 123456789123456123456789
---
[ BEFORE ] buffer_2 info: 0x7fff97808d62 | str2
[ BEFORE ] buffer_1 info: 0x7fff97808d67 | str1
[ BEFORE ] value info: 0x7fff97808d6c | 5 (0x00000005)
[ STRCPY ] buffer_2 was writed 24 bytes
[ AFTER ] buffer_2 info: 0x7fff97808d62 | 123456789123456123456789
[ AFTER ] buffer_1 info: 0x7fff97808d67 | 6789123456123456789
[ AFTER ] value info: 0x7fff97808d6c | 892613426 (0x00000000)
zsh: segmentation fault (core dumped) ./a.out 123456789123456123456789
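The corruption pattern in the output above, reproduced deterministically next to a bounded copy that rejects oversized input. This is an added example, not code from the repository. The names struct frame, frame_init, unchecked_copy and checked_copy are hypothetical, and a little-endian machine with a 4-byte int is assumed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed model of the frame in the README output: the 2-byte pad puts the
 * members at offsets 2, 7 and 12, matching the printed ...d2, ...d7, ...dc. */
struct frame {
    char pad[2];
    char buffer_2[5];
    char buffer_1[5];
    int  value;
};

static void frame_init(struct frame *f) {
    *f = (struct frame){ {0}, "str2", "str1", 5 };
}

/* Effect of strcpy(buffer_2, src): strlen(src)+1 bytes land regardless of the
 * 5-byte destination. Clamped to the struct so the demo stays in one object. */
static size_t unchecked_copy(struct frame *f, const char *src) {
    unsigned char *base = (unsigned char *)f + offsetof(struct frame, buffer_2);
    size_t room = sizeof *f - offsetof(struct frame, buffer_2);
    size_t n = strlen(src) + 1;
    if (n > room) n = room;
    memcpy(base, src, n);
    return n;
}

/* Hardened form: refuse anything that does not fit, terminator included. */
static int checked_copy(char *dst, size_t dst_size, const char *src) {
    size_t n = strlen(src);
    if (n >= dst_size) return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

int main(void) {
    const char *in[] = { "12345678", "1234567891", "123456789123456" };
    for (size_t i = 0; i < 3; i++) {
        struct frame bad, ok;
        frame_init(&bad); frame_init(&ok);
        unchecked_copy(&bad, in[i]);
        int rc = checked_copy(ok.buffer_2, sizeof ok.buffer_2, in[i]);
        printf("%-15s unchecked: buffer_1=%.5s value=%d | checked: rc=%d value=%d\n",
               in[i], bad.buffer_1, bad.value, rc, ok.value);
    }
    return 0;
}
```

The 10-byte input zeroes value because the string terminator lands on its low byte, and the 15-byte input leaves the ASCII bytes "2345" in value, which is the 892613426 shown in the output above.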
_______________________________________________________________________
#2 NOTE SEARCHER EXPLOIT
_______________________________________________________________________
// launch
gcc -o notesearcher.o note_searcher.c
gcc exploit_notesearcher.c
./a.out
// You can set the offset yourself
./a.out
______________________________________________________________________
LEGAL STATEMENT
______________________________________________________________________
By downloading, modifying, redistributing, and/or executing buffer-overflow-exploits, the
user agrees to the contained LEGAL.txt statement found in this repository.
I, scarlet-oni, the creator, take no legal responsibility for unlawful actions
caused/stemming from this program.
Use responsibly and ethically!