You can find the protostar there > Protostar
Let’s check the source code :
1 |
|
We have a function win
, a variable buffer
with 64bytes buffer and the vulnerable function gets
gets
-> doesn’t check while getting bytes.
Let’s run the binary.
1 |
|
It takes an input, let’s check it is vulnerable.
1 |
|
Now let’s find the offset.
1 |
|
Perfect, now let’s find the address of win
function.
1 |
|
Let’s make the exploit now.
1 |
|
1 |
|