Mon. Sep 21st, 2020

Ethical Hacking Playground

hacking is curiosity

Stack Based 0x3

Setting up the Debugger

We need to download PEDA (Python Exploit Development Assistance for GDB). This makes exploiting binaries easy.



git clone ~/peda
echo "source ~/peda/" >> ~/.gdbinit
echo "DONE! debug your program with gdb and enjoy"

Stack Overflow

Create a file called vuln2.c and copy this source code into it


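#include <string.h>
#include <stdio.h>

/* Never called from main(); its body is not shown on the page. */
void shell() {
}

void vuln(char *arg) {
        char buff[100];
        /* Deliberately unsafe: strcpy() does not check that arg fits in buff. */
        strcpy(buff, arg);
}

int main(int argc, char **argv) {
        /* The call into vuln() is missing from the page; restored here as an assumption. */
        vuln(argv[1]);
        printf("\n%s\n", argv[1]);
        return 0;
}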

Make sure to disable ASLR:

echo 0 > /proc/sys/kernel/randomize_va_space


gcc -z execstack vuln2.c -o vuln2


Okay, so in this one we have a function called shell() in the code that is never called anywhere. We want to control EIP: disassemble the shell function, get the memory address at the start of shell(), and craft our exploit so that we call shell().
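For contrast with vuln() in vuln2.c, here is an added example (not part of the original post) of the same 100-byte copy with the length check that strcpy() leaves out, so oversized input is rejected instead of overwriting the saved return address. The names safe_copy, vuln_fixed and BUFF_SIZE are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define BUFF_SIZE 100   /* same size as buff in vuln2.c */

/* Copy arg into dst only if it fits, including the terminating NUL.
 * Returns 0 on success, -1 if an argument is invalid or arg is too long. */
int safe_copy(char *dst, size_t dst_size, const char *arg) {
    if (dst == NULL || dst_size == 0 || arg == NULL)
        return -1;

    /* Look for the NUL within the first dst_size bytes only, so the
     * length of attacker-supplied input never drives the copy. */
    const char *nul = memchr(arg, '\0', dst_size);
    if (nul == NULL)
        return -1;                      /* would not fit: reject, do not truncate */

    memcpy(dst, arg, (size_t)(nul - arg) + 1);   /* +1 copies the NUL */
    return 0;
}

/* vuln() rewritten around the bounded copy (hypothetical name). */
int vuln_fixed(const char *arg) {
    char buff[BUFF_SIZE];
    return safe_copy(buff, sizeof buff, arg);
}

int main(int argc, char **argv) {
    if (argc < 2) {
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 2;
    }
    if (vuln_fixed(argv[1]) != 0) {
        fprintf(stderr, "input rejected: longer than %d bytes\n", BUFF_SIZE - 1);
        return 1;
    }
    printf("\n%s\n", argv[1]);
    return 0;
}
```

Rejecting the input rather than silently truncating it keeps the failure visible to the caller and to logs.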