Could the experts here please take a look:
On Linux (file bof.c):
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, char **argv) {
    char buffer[256];          /* fixed-size buffer on the stack */
    if (argc != 2) {
        exit(0);
    }
    printf("%p\n", buffer);    /* print the stack address of buffer */
    strcpy(buffer, argv[1]);   /* no length check: an argument longer than 255 bytes overflows buffer */
    printf("%s\n", buffer);
    return 0;
}
Then compile:
$ gcc -m64 bof.c -o bof -z execstack -fno-stack-protector
Run:
$ ./bof $(python -c 'print "A" * 300')
Result:
0x7fffffffdcd0
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Segmentation fault (core dumped)
What I want to ask is: what does the command line used to run it (i.e. $ ./bof $(python -c 'print "A" * 300')) mean?
The example above is something I found online. I don't know much about Linux, so I would appreciate some guidance.
Whether I can understand that line correctly determines whether I can finish my homework properly, so if anyone knows, please don't hold back. Thanks in advance!
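The following is an added example, not part of the original post, showing what the shell does with $(python -c 'print "A" * 300') before ./bof ever runs. It rebuilds the same 300-byte argument with only POSIX shell and coreutils (so it does not depend on Python 2, whose print statement the posted command uses), and the helper names repeat_char, byte_len and count_args are this example's own.

```shell
# Added example (not from the original post): what the shell does with
# $(python -c 'print "A" * 300') before ./bof ever runs, using only POSIX
# shell and coreutils so it works without any particular Python version.

# repeat_char CHAR COUNT: print COUNT copies of CHAR with no trailing newline.
# Equivalent to the argument produced by  python -c 'print "A" * 300'  (Python 2)
# or  python3 -c 'print("A" * 300)'  (Python 3, where print is a function).
repeat_char() {
    printf "%${2}s" '' | tr ' ' "$1"
}

# byte_len STRING: number of bytes, i.e. strlen() as bof would see argv[1].
byte_len() {
    printf '%s' "$1" | wc -c | tr -d ' '
}

# count_args ARGS...: how many separate arguments the shell actually passed.
count_args() {
    printf '%s\n' "$#"
}

# $( ... ) is command substitution: the shell runs the inner command first,
# captures its standard output, drops trailing newlines, and pastes the text
# into the outer command line. So  ./bof $(python -c 'print "A" * 300')
# becomes  ./bof AAAA...A  with a single 300-byte argument; bof itself never
# knows Python was involved. Because buffer[] is only 256 bytes, strcpy()
# writes 44 bytes plus the terminating NUL past its end, over whatever the
# compiler placed above it on the stack (typically the saved frame pointer
# and return address), which is why the run ends in a segmentation fault.
payload=$(repeat_char A 300)
printf 'argv[1] is %s bytes, passed as %s argument(s)\n' \
    "$(byte_len "$payload")" "$(count_args "$payload")"
```

The expansion is left unquoted in the posted command; that is harmless here because the output contains no whitespace or glob characters, so it still arrives as exactly one argument. A payload containing spaces would be split into several arguments unless written as "$(...)".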