Trouble with the Format String Attack

[Master Blaster]

Hi everyone...

Well, I started learning an attack vector called "Format String Attack". Basically I'm following this text. However, when I run the testing program cited there with the "%x %x %x %x" as its argument, I don't see the 1 that should have been printed. Instead, the output is something like:

Code:

buffer (19): 0 0 ff887830 bf5658
x is 1/0x1 (@ 0xff887778)

Can some one help me with this?

[RobinVossen]

I can help you with it.
But I am not sure I should..
Why do you want to learn this? Its not that I dont trust you. But its that I dont get the point of learning something like this for a Ethical Purpose.

Well, tell me where do you get stuck?

cheers,
Robin

[Master Blaster]

I can help you with it.
But I am not sure I should..
Why do you want to learn this? Its not that I dont trust you. But its that I dont get the point of learning something like this for a Ethical Purpose.

Well, tell me where do you get stuck?

cheers,
Robin

First of all, I have NO criminal/malicious interests. I'm learning this out of PURE curiosity.
Second, I already pointed out where I get stuck... I run the sample program listed in the paper but it's output differs from the expected (i.e - I don't see the value of the local varaible x [1]).

[RobinVossen]

Ah, well since I dont know you and tus dont trust you (Sorry, no offence)
And I know how I can held responsible if I tell you what to do. (In my country Ill get a small fine).

All I say: "ShellCoders Handbook 2th, Page 61"

Hope that helped.

Cheers,
Robin