You can find Protostar there > Protostar
We have the source code of the binary :
We have a variable called buffer, which is a 64-byte buffer. We also have another variable called modified and has
Then we have the vulnerable gets, which doesn’t check the size of the destination while reading bytes.
Then we have an if statement that checks if the value of modified is not 0. So we have to change the value of that variable.
Let’s fire up
We can see the vulnerable gets() function there:
Let’s add a breakpoint after the gets() function & execute it.
Let’s check now the
We can see these 0x41414141 values in memory (0x41 = A).
We can also see a 0x00000000 value, which is probably the modified = 0 variable.
Now let’s input more than 64 bytes.
We can see that memory is now full of our 0x41 = A bytes, and the 0x00000000 value is now overwritten with a single 0x41 value, which means we got the flag.
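The observation above, as an added example that is not the challenge's source code or part of the original write-up: it models the layout seen in the debugger (the 64-byte buffer with modified directly after it, which is an assumption since real placement depends on the compiler) and compares a gets()-style unchecked copy with an fgets()-style bounded one. The names frame_t, copy_unchecked and copy_bounded are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64                       /* size of buffer, as stated on the page */
#define FRAME_SIZE (BUF_SIZE + sizeof(int32_t))

/* Assumed layout: buffer at offset 0, modified directly after it.
 * The frame is one byte array so the overflow stays inside an object
 * we own and the demo itself has no undefined behaviour. */
typedef struct { unsigned char bytes[FRAME_SIZE]; } frame_t;

static int32_t read_modified(const frame_t *f) {
    int32_t v;
    memcpy(&v, f->bytes + BUF_SIZE, sizeof v);
    return v;
}

/* gets()-style copy: stops at the end of the input, never at the end
 * of buffer (clamped to the model frame so the demo stays safe). */
int32_t copy_unchecked(const char *input) {
    frame_t f = {{0}};                    /* modified starts at 0 */
    size_t n = strlen(input);
    if (n > FRAME_SIZE) n = FRAME_SIZE;
    memcpy(f.bytes, input, n);
    return read_modified(&f);
}

/* fgets()-style copy: at most BUF_SIZE - 1 bytes plus a terminator. */
int32_t copy_bounded(const char *input) {
    frame_t f = {{0}};
    size_t n = strlen(input);
    if (n > BUF_SIZE - 1) n = BUF_SIZE - 1;
    memcpy(f.bytes, input, n);
    f.bytes[n] = '\0';
    return read_modified(&f);
}

int main(void) {
    char in64[BUF_SIZE + 1], in65[BUF_SIZE + 2];    /* constructed inputs */
    memset(in64, 'A', BUF_SIZE);     in64[BUF_SIZE] = '\0';
    memset(in65, 'A', BUF_SIZE + 1); in65[BUF_SIZE + 1] = '\0';
    printf("unchecked, 64 bytes: modified = 0x%08x\n", (unsigned)copy_unchecked(in64));
    printf("unchecked, 65 bytes: modified = 0x%08x\n", (unsigned)copy_unchecked(in65));
    printf("bounded,   65 bytes: modified = 0x%08x\n", (unsigned)copy_bounded(in65));
    return 0;
}
```

With the bounded copy, modified stays 0 however long the input is, which is the fix for this class of bug: read with a length limit tied to the destination size.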
Let’s write an exploit now with