Re: Stack Confusion with Buffer Overflow

Markus Pitha <markus@xxxxxxxxxx> writes:

> Hello,
>
> at the moment I read a book called "Forbitten Code". In this books are
> examples but they never work for me, although I'm sure that I understood
> everything.
> I want to describe the example. It is about getting root permissions on
> the own computer with help of a buffer overflow.
> First of all there is the vulnerable program:
> [...]
> When I start vuln with the parameters, I just get a SEGMENTATION FAULT
> instead of root-rights.
> First I thought that the shellcode could be wrong but in an earlier
> example I managed it to get root-privileges, but _only_ once.
> Can anybody imagine where this example fails?

What do you think Linus and all the kernel hackers have been doing all
this time? Getting a sun tan on a Carabean beach?


--
__Pascal Bourguignon__ http://www.informatimago.com/

"This statement is false." In Lisp: (defun Q () (eq nil (Q)))
.