Simple Stack Overflow

What is a Stack Overflow?

A stack overflow takes place if the call stack pointer exceeds the stack bound! In other words, it’s due to excessive memory usage.

What do you need?

  • Immunity debugger
  • Dev C++ or CodeBlocks

What do you need to do?

To start off, fire up Dev C++!

 

Code used to help you amazing people to understand how a stack overflow works!

#include <string.h>  This is including the libraries, the string library
#include <stdlib.h>  This is including the standard library.


void copyToBuffer(char* text){  


This function (Copytobuffer function), recieves a message from the main function.  Char means character, and text means text! The purpose of this function is to initialize an array or a buffer. Array of letters/words called buffer (Buffer array) - Where the text is copied in to.

char buffer[15];

This sets the Buffer limit to 15 letters/characters. Anything that exceeds this will cause an overflow!


strcpy(buffer, text);


}

Strycpy means ‘string copy’.  What this function does, is copies the text in to the buffer array.



Now we shall create the main function.

int main(int argc, char* argv[1])

 {

 ‘Int main’ means we are returning an integer. What this function is, is where the user will control the input for the program.

Now we need to initialize a local variable that is going to store the arguments that a user will specify which are then going to be initialized in the main function which we are going to be calling the ‘copy to buffer function’.


int var_int = 1;

This is the local integer variable.

Now we will call the the copytobuffer function!

copyToBuffer(argv[1]);

return 0;
}

 

Alright! If you are looking for the code,  here is what it should look like, including all the indentations etc!

Now, let’s get onto the fun stuff. If you are using Dev C++, you can go ahead and click on the execute button and hit rebuild all. Once this is done, save it to your desktop, and run it. Don’t worry if just a blank screen comes up, that’s because a user must specify an input. That’s why if one enters anything more than 15 characters, an overflow takes place! I’ll show you this in immunity.

What to do with Immunity Debugger?

  • Now, open up Immunity Debugger. This time we will be working with the registers and the stack itself. The bottom right window( FOUR WINDOWS ALTOGETHER), is the window for the stack.
  • Open up the stack executable.
  • If you do not provide any arguments where it asks, what you will find is that the program will run without any errors, because we have not essentially provided any data that would execute the overflow.
  • If we open up the stack program with characters more than 15 times in the arguments sections, you shall see it’s in its paused state.
  • This is the classic error. 61616161 is an error in hexadecimal. This is because of our input, we have exceeded the buffer and the fact the 61 is a hex character. Now, it says It is not readable. What happened is, all the data after the buffer, was exceeded, was transferred to the EAX register. This may be confusing, but trust me, it isn’t daunting.
  • Now let’s take a look at the stack window, at the bottom right. At the mdsp, we can see the maximum allowed in the buffer, and it continued to print out the other ones into the EAX register which is not supposed to happen as that data should not be transferred to the EAX register.
  • The rest of the input was then moved/filled into the EAX register and the application then essentially has an error as it cannot execute 61616161. Which is in hex

This was a simple stack overflow. This explains how it works. To learn more advanced things, keep tuned in for more videos.

Keep hacking and keep learning. I hope to see you next time. Thanks

Liked it? Take a second to support Alexis on Patreon!
Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *