You can find Protostar here: Protostar
Let’s solve this now without the source code.
Let’s run the binary first & check what it does.
It takes user input. Let’s find out if the binary is vulnerable.
The segfault confirms that the binary is vulnerable to a buffer overflow.
Let’s now find the size of the buffer (the exact number of characters that overwrite the EIP).
Perfect. If we run objdump we can see the win function:
objdump -> disassembler
We can now build our exploit: we know the buffer is 64 bytes & we have the address of the win function.
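Why the 64-byte figure matters, as an added example (not code from the original post or from the Protostar binary): a C model that compares an unbounded copy with a bounded one. It assumes the 64-byte buffer is directly followed by the value that ends up in EIP; the `frame` struct and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout (not recovered from the binary): a 64-byte buffer
 * directly followed by the value that later ends up in EIP. */
struct frame {
    char buffer[64];
    void (*target)(void);
};

static void expected(void) {}

/* gets()/strcpy() style: the input decides the length. The cap at
 * sizeof(struct frame) only keeps this model well defined. */
static void copy_unbounded(struct frame *f, const char *in, size_t len) {
    if (len > sizeof *f) len = sizeof *f;
    memcpy((unsigned char *)f, in, len);
}

/* fgets() style: the destination size decides the length. */
static void copy_bounded(struct frame *f, const char *in, size_t len) {
    if (len > sizeof f->buffer - 1) len = sizeof f->buffer - 1;
    memcpy(f->buffer, in, len);
    f->buffer[len] = '\0';
}

/* Returns 1 if copying len constructed 'A' bytes changed target. */
static int target_clobbered(size_t len, int bounded) {
    struct frame f;
    char in[sizeof(struct frame)];
    void (*saved)(void) = expected;

    memset(&f, 0, sizeof f);
    f.target = expected;
    memset(in, 'A', sizeof in);
    if (len > sizeof in) len = sizeof in;
    if (bounded) copy_bounded(&f, in, len);
    else copy_unbounded(&f, in, len);
    return memcmp(&f.target, &saved, sizeof saved) != 0;
}

int main(void) {
    size_t full = sizeof(struct frame);
    printf("bytes before target: %zu\n", offsetof(struct frame, target));
    printf("64 bytes, unbounded: %d\n", target_clobbered(64, 0));
    printf("%zu bytes, unbounded: %d\n", full, target_clobbered(full, 0));
    printf("%zu bytes, bounded: %d\n", full, target_clobbered(full, 1));
    return 0;
}
```

Input up to 64 bytes stays inside the buffer in both variants; only the unbounded copy lets longer input reach `target`, which is why replacing the unbounded read with a size-limited one removes the crash.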