Hello!
I tried to cause a buffer overflow, and I need some expert help here.

I want to call the "callme" function in the little program I've written below:

Code:
#include <stdio.h>
#include <stdlib.h>

void io(void);
void callme(void);

int main(void) {
    io();
    return 0;
}

void io(void) {
    char input[16];
    printf("input:\n");
    /* unbounded %s read into a 16-byte stack buffer */
    scanf("%s", input);
    printf("%s\n", input);
}

/* never called in the normal flow of the program */
void callme(void) {
    printf("you made it!\n");
}

Okay, now what I want is to redirect the flow:

from main to io()
from io(), instead of returning to main(), I want to go to callme(), and then I don't care anymore.

With gdb I found out that the callme address should be:

0x4013db
40 13 db

-> to little endian

db 13 40

-> to decimal

219 19 64

-> to ascii

Û @

Okay, now I am not sure where to enter this. When receiving an input, it crashes when I put in 24 characters. 23 is okay. But does that mean my return address is stored at the 24th? Probably not.

I tried input values like:

abcdefghijklmnopqrstuvwÛ @

but the program simply crashed, and

abcdefghijklmnopqrstuvÛ @

just did nothing, it printed it again.


I'm still a beginner in this field, I'm happy with any advice! Even if I'm terribly wrong with what I did so far!
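
For contrast with the `io()` in the post, here is a bounded version of the same read, as an added example that is not part of the original post. The names `read_token`, `io_hardened` and `INPUT_SIZE` are assumptions made here; the function keeps the `%s` behaviour (one whitespace-delimited token) but never writes past the 16-byte buffer and reports truncation.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define INPUT_SIZE 16 /* same capacity as input[16] in the post's io() */

/*
 * Bounded replacement for scanf("%s", input).
 * Reads one whitespace-delimited token from `in` into `dst` (capacity `cap`).
 * Returns 0 if the token fit, 1 if it was longer than cap-1 bytes and was
 * truncated (the excess is consumed and discarded), -1 on EOF or bad cap.
 */
int read_token(FILE *in, char *dst, size_t cap)
{
    int c;
    size_t n = 0;
    int truncated = 0;

    if (cap == 0)
        return -1;
    dst[0] = '\0';

    /* skip leading whitespace, as %s does */
    do {
        c = fgetc(in);
    } while (c != EOF && isspace(c));
    if (c == EOF)
        return -1;

    while (c != EOF && !isspace(c)) {
        if (n < cap - 1)
            dst[n++] = (char)c;   /* always leaves room for the terminator */
        else
            truncated = 1;        /* drop the byte instead of overflowing */
        c = fgetc(in);
    }
    dst[n] = '\0';
    return truncated;
}

/* Same shape as the post's io(), with the bounded read swapped in. */
void io_hardened(FILE *in)
{
    char input[INPUT_SIZE];
    printf("input:\n");
    int rc = read_token(in, input, sizeof input);
    if (rc < 0)
        return;
    if (rc == 1)
        fprintf(stderr, "input truncated to %zu bytes\n", strlen(input));
    printf("%s\n", input);
}

int main(void) { io_hardened(stdin); return 0; }
```

With this version, the 24-character input that crashed the original is cut to 15 bytes plus the terminator, so nothing beyond `input` on the stack is written.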