The buffer overflow attack code is as follows:
    #include <Windows.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    void f(char *input)
    {
        char buffer[10];
        strcpy(buffer, input);   // deliberately unchecked copy: this is the overflow
        printf("Buffer character is =%s", buffer);

        // Defensive variant (disabled): jump out when the input is too long.
        // The test is b < 10, not b <= 10, because strcpy also writes the terminating NUL.
        /*
        char buffer[10];
        int b;
        b = strlen(input);
        if (b < 10) {
            strcpy(buffer, input);
            printf("Buffer character is =%s", buffer);
        } else
            printf("character length exceeds buffer length\n");
        */
    }

    void F1()
    {
        /* system("shutdown -s -t 3600"); */
        while (1) {
            printf("Shellcode attack code\n");
        }
    }

    int main()
    {
        // print the address of F1() that the overflow will return to
        printf("F1() function address is [shellcode attack code]=%p\n", (void *)F1);

        // input string within the normal range
        char *str1 = "ABEFGH";
        f(str1);
        printf("\n");
        system("pause");

        // input string beyond the normal range
        char *str2 = "abcdefghijklmn12\x0a\x10\x40";
        f(str2);
        return 0;
    }
In normal execution the program never reaches the F1() function. However, the input string is longer than the buffer, and we deliberately set its trailing bytes to the address of F1() so that they overwrite the saved return address. When f() returns, it therefore returns to the address we set and executes the "shellcode" we placed there. This example only demonstrates the buffer overflow itself and performs no real attack, so printing "Shellcode attack code" to the screen stands in for the attack behavior.
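For comparison, a bounds-checked counterpart of f(), as an added example that is not part of the original article's code. The names copy_checked, f_checked and BUF_SIZE are hypothetical; the two inputs marked "from the page" are str1 and str2 above, and the other two are constructed to show the exact boundary, where a 10-character string is rejected because its terminating NUL would not fit.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 10  /* assumption: same size as buffer[10] in f() */

/* Copy src into dst only if it fits together with its terminating NUL.
 * Returns 0 on success, -1 if the input is rejected (dst is then ""). */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t len = 0;

    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    /* Bounded scan: never examine more than dst_size bytes of src. */
    while (len < dst_size && src[len] != '\0')
        len++;
    if (len >= dst_size)   /* len + 1 bytes are needed, so len == dst_size is too long */
        return -1;
    memcpy(dst, src, len + 1);
    return 0;
}

/* Hardened counterpart of f(): returns 0 if the input was accepted. */
int f_checked(const char *input)
{
    char buffer[BUF_SIZE];

    if (copy_checked(buffer, sizeof buffer, input) != 0) {
        printf("character length exceeds buffer length\n");
        return -1;
    }
    printf("Buffer character is =%s\n", buffer);
    return 0;
}

int main(void)
{
    f_checked("ABEFGH");                        /* str1 from the page: accepted */
    f_checked("abcdefghi");                     /* constructed: 9 chars + NUL fill the buffer */
    f_checked("abcdefghij");                    /* constructed: 10 chars, NUL would not fit */
    f_checked("abcdefghijklmn12\x0a\x10\x40");  /* str2 from the page: rejected */
    return 0;
}
```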
Buffer Overflow Attack Experiment (additional source code)