code injection - passing arguments


As a preamble, this is a for a school assignment and thus for educational purposes.

I'm trying to use a buffer overflow vulnerability to inject a return address that points to a function. The twist is, the function needs an argument that should be stored in edx when it executes. My idea is to use the following assembly code:

mov $0xdeadbeef, edx
push $0xabcdef

where deadbeef is the value I need and abcdef the address of the function.

I constructed a payload that is as follows: 2 bytes of padding, 15 bytes of shellcode, another 7 bytes of padding, 4 bytes of the return address in the stack (basically I'm sending back the pointer to what I just input into the buffer and tell him to interpret it as instructions). I've been trying for hours but it seems to simply not work (segfault). Any ideas/pointers?

asked on Stack Overflow Nov 15, 2017 by S. L. • edited Nov 15, 2017 by Jester

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0