SCU【C】程序设计基础期末安全项目lab2-Deadbeef-writeup(附题目&源码)
| 项目名称 | 和lab1一样,此题又是美国卡耐基梅隆大学的平时作业哈哈哈 Lab2-Deadbeef(本质:栈溢出攻击) | |||||||||||
| 项目环境 | 表1 项目开发环境
题面: | |||||||||||
| 项目过程和结果的描述 |
大家都知道函数返回值要么是int要么是bool类型吧,然而这道题要我们的函数返回值是0xdeadbeef ??? 怎么办?我的想法是栈溢出,暴力更改函数返回值。 源码: /* bufbomb.c * * Bomb program that is solved using a buffer overflow attack * * program for CS:APP problem 3.38 * * used for CS 202 HW 8 part 2 * * compile using * gcc -g -O2 -Os -o bufbomb bufbomb.c */ #include #include #include /* Like gets, except that characters are typed as pairs of hex digits. Nondigit characters are ignored. Stops when encounters newline */ char* getxs(char* dest) { int c; int even = 1; /* Have read even number of digits */ int otherd = 0; /* Other hex digit of pair */ char* sp = dest; while ((c = getchar()) != EOF && c != '\n') { if (isxdigit(c)) { int val; if ('0' |
