Simple Buffer Overflow


The form below calls a C program with a simple buffer overflow vulnerability. The "name" variable can overflow into the "cmd" variable.

Here's the source code:

Vulnerable Form

Try putting in a short name, and then make the name longer until you get unexpected results.

For a good time, try this string:

Your name:    

Challenge 1: Long List

Execute the "ls -l" command by entering a crafted name, so it shows file details, as shown below.


Spaces end the string prematurely, so use \$IFS instead, or enclose the whole thing in apostrophes.

Challenge 2: Add Your Name to the Hall of Fame

Put your name in this file:

After one minute, your name will appear on the WINNERS page here:

Source code and explanation


I based this on the "pwn1" and "pwn2" challenges in the 2015 SCTF competition.

Posted 4-3-16 by Sam Bowne
Last modified 12-23-17