You can find the protostar there > Protostar
We have the source code of the binary :
We have a variable called buffer, a 64-byte buffer, then we have argc (the number of arguments passed; the program name is one of them).
Then we have the modified variable and, most importantly, the vulnerable strcpy, which doesn’t do any length checking.
Then we have an if statement: if modified == 0x61626364, we get the flag.
0x61626364 in Ascii is :
Let’s run the binary.
Let’s now enter 65 bytes.
41 == A in hex, so we now simply add abcd in little endian.
Let’s write an exploit now with
Let’s execute it.
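The overflow described above, modelled next to a bounds-checked copy, as an added example that is not the challenge's source code. It assumes modified sits directly after the 64-byte buffer, as the 65-byte test suggests; the function names and the sample input are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64                    /* size of buffer given on the page */
#define FRAME_SIZE (BUF_SIZE + 4 + 4)  /* buffer + modified + slack (model only) */

/* Decode 4 bytes as a little-endian 32-bit integer (x86 byte order). */
static uint32_t le32(const unsigned char *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Model of strcpy(buffer, arg): no length check, so bytes past offset 63
 * land in modified (assumed layout). The frame is a single byte array, so
 * the model itself never writes out of bounds. Returns modified. */
uint32_t modified_after_unchecked_copy(const char *arg)
{
    unsigned char frame[FRAME_SIZE] = {0};   /* modified starts at 0 */
    size_t n = strlen(arg) + 1;              /* strcpy copies the NUL too */
    if (n > sizeof frame) n = sizeof frame;  /* bound the model only */
    memcpy(frame, arg, n);
    return le32(frame + BUF_SIZE);
}

/* Hardened copy: reject anything that does not fit with its terminator. */
int checked_copy(char *dst, size_t dst_size, const char *arg)
{
    size_t n = strlen(arg);
    if (n >= dst_size) return -1;
    memcpy(dst, arg, n + 1);
    return 0;
}

int main(void)
{
    char input[BUF_SIZE + 5], buffer[BUF_SIZE];
    memset(input, 'A', BUF_SIZE);            /* constructed sample input */
    memcpy(input + BUF_SIZE, "dcba", 5);     /* 'd' becomes the lowest byte */
    printf("unchecked: modified = 0x%08x\n",
           (unsigned)modified_after_unchecked_copy(input));
    printf("checked:   copy returned %d\n",
           checked_copy(buffer, sizeof buffer, input));
    return 0;
}
```

With 65 A characters the model returns 0x41, matching the 65-byte run above; the checked copy refuses both inputs instead of touching modified.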