Protostar/Stack 0

If you get stuck, you can watch the solution and explanation here:

We will write our first Buffer Overflow for the stack0 level of exploit-exercises.com.

This level introduces the concept that memory can be accessed outside of its allocated region, how the stack variables are laid out, and that modifying outside of the allocated memory can modify program execution.

This level is at /opt/protostar/bin/stack0

stack0.c

#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>

int main(int argc, char **argv)
{
  volatile int modified;
  char buffer[64];

  modified = 0;
  gets(buffer);

  if(modified != 0) {
      printf("you have changed the 'modified' variable\n");
  } else {
      printf("Try again?\n");
  }
}

See also

This video introduces http://exploit-exercises.com, how to connect to the VM with ssh and explains what setuid binaries are.

We have a look at stack level 0 from exploit-exercises.com/Protostar and compile it on a current Ubuntu, to see if it's still exploitable.

In part 2 we have a closer look at stack0 on a modern system. We are trying to plan an exploit that works in case we can guess the stack cookie. We have to be a bit creative here.

This is a mirror. Copyright and original can be found here: exploit-exercises.com/protostar/stack0/