root-me:x86 stack overflow basic3

x86 stack overflow basic3

general

from the code source we found:
* we could control the index of array buffer to be a negative value,an important feature of array is that we could read or write the content near the base address of an array.
* send 0x08 to make index value count point to right area(check),then send 0xbfffabc

step

locate the check position:

so its stack layout is:

send four bytes \x08 make count be -4
send little endian 0xbfffabc

exploit

run it:

Leave a Comment

电子邮件地址不会被公开。 必填项已用*标注