Simple Buffer Overflow
The form below calls a C program with a simple buffer overflow
vulnerability. The "name" variable can overflow into the
Here's the source code:
Try putting in a short name, and then make the name longer until you get
For a good time, try this string:
Challenge 1: Long List
Execute the "ls -l" command by entering
a crafted name,
so it shows file details,
as shown below.
Spaces end the string prematurely,
so use \$IFS instead, or enclose the whole
thing in apostrophes.
Challenge 2: Add Your Name to the Hall of Fame
Put your name in this file:
After one minute, your name will appear
on the WINNERS page here:
Source code and explanation
I based this on the "pwn1" and "pwn2"
challenges in the
Posted 4-3-16 by Sam Bowne
Last modified 12-23-17