Find the answer to your Linux question:
Results 1 to 4 of 4
Hi everyone... Well, I started learning an attack vector called "Format String Attack". Basically I'm following this text. However, when I run the testing program cited there with the "%x ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2007
    Posts
    8

    Trouble with the Format String Attack


    Hi everyone...

    Well, I started learning an attack vector called "Format String Attack". Basically I'm following this text. However, when I run the testing program cited there with the "%x %x %x %x" as its argument, I don't see the 1 that should have been printed. Instead, the output is something like:

    Code:
    buffer (19): 0 0 ff887830 bf5658
    x is 1/0x1 (@ 0xff887778)
    Can some one help me with this?

  2. #2
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    I can help you with it.
    But I am not sure I should..
    Why do you want to learn this? Its not that I dont trust you. But its that I dont get the point of learning something like this for a Ethical Purpose.

    Well, tell me where do you get stuck?

    cheers,
    Robin
    New Users, please read this..
    Google first, then ask..

  3. #3
    Just Joined!
    Join Date
    Nov 2007
    Posts
    8
    Quote Originally Posted by RobinVossen View Post
    I can help you with it.
    But I am not sure I should..
    Why do you want to learn this? Its not that I dont trust you. But its that I dont get the point of learning something like this for a Ethical Purpose.

    Well, tell me where do you get stuck?

    cheers,
    Robin
    First of all, I have NO criminal/malicious interests. I'm learning this out of PURE curiosity.
    Second, I already pointed out where I get stuck... I run the sample program listed in the paper but it's output differs from the expected (i.e - I don't see the value of the local varaible x [1]).

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Ah, well since I dont know you and tus dont trust you (Sorry, no offence)
    And I know how I can held responsible if I tell you what to do. (In my country Ill get a small fine).

    All I say: "ShellCoders Handbook 2th, Page 61"

    Hope that helped.

    Cheers,
    Robin
    New Users, please read this..
    Google first, then ask..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •