Yes but the statement strcpy(buffer, argv[1]) copies the characters in argv[1] to buffer without any sort of bounds checking. So, if there are more than 100 characters, it will start overwriting the stack after the end of the space allocated for buffer. And yes, the command line to turn off protections and disable ASLR so it can be exploited:
Then I can simply inject shell code onto the stack using a Perl file.Code:gcc –o vuln –fno-stack-protector –z execstack vulnerable.c chmod 4755 vuln sudo sysctl –w kernel.randomize_va_space=0
