programmers pls help.

1 Name: Anonymous 2021-03-31 23:57
https://i.imgur.com/A7rE6sY.jpg

if the address stored in ret is stored in buffer, why isn't that shown in memory when buffer is examined?
2 Name: Anonymous 2021-03-31 23:59
https://i.imgur.com/cGD6xyn.jpg

here's a pic of the memory
3 Name: Anonymous 2021-04-01 00:05
In gdb you should be able to view assembly and registers. Check rax.
4 Name: Anonymous 2021-04-01 00:27
>>1
because you've got a comment asterisk
at the beginning of line 25
5 Name: Anonymous 2021-04-01 08:21
or is that a multiplication thing ?
probably
is that supposed to be at the beginning of the line ?
6 Name: Anonymous 2021-04-01 20:10
Actually, 0xbffff6f6 is the return address of your shellcode: if you look a bit past the first 40 bytes, you should see a lot of 0x90 (nop) and after a while the shellcode.
Also notice that many stack addresses look like 0x?ffff???, and since the buffer is stored on the stack, it checks out
7 Name: Anonymous 2021-04-01 20:14
>>3
i can't, it's from a book
>>4
that looks like a dereference operator though
>>5
it's a dereference operator
8 Name: Tobkike 2021-04-01 20:20
>>1
fuck off cunt, i'm not doing your homework for you
9 Name: Anonymous 2021-04-01 20:23
>>6
https://i.imgur.com/dc4DmxB.jpeg
hmm, i assumed 0xffff6f6 was the value put by bzero. past the 40 bytes is the same i think, there was a breakpoint set on line 26 so x90 and the shellcode wouldn't be in memory at this point i think. pic related is at the next breakpoints.
10 Name: Anonymous 2021-04-01 20:25
>>8
not my homework
11 Name: Anonymous 2021-04-01 20:32
>>7
it's been over 25 years since i programmed
so yeah
i designed and wrote most of the programs that haul yo ass into court, so that's about the limit
of my experience
and i have no experience in memory programming so whatever
just before i quit work, they were going to teach me java
but i'd rather drink it :)
sorry i couldn't help
this is a good hard short level in wolfenstein 2 btw
https://www.youtube.com/watch?v=UTUUnbr5d4E
12 Name: Anonymous 2021-04-01 20:52
>>1
Haven't done this in forever, I should get back into it lol.
> i assumed 0xffff6f6 was the value put by bzero
Nope, as the name suggests bzero will copy 0's there.
> past the 40 bytes is the same i think
They copy it to the first 160 bytes, 40 pointers so that's to be expected.
> the shellcode wouldn't be in memory at this point i think
Correct, what they should have said is after all that is run and the buffer is ready after the first 60 bytes will be the shellcode. The way it's actually organized is:
the first 60 bytes NOP's, the shellcode immediately after, then the return addresses aligned to the next 4 bytes.
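
The three buffer states discussed in posts 9 and 12, as an added example that is not part of the thread or the book's code. It rebuilds the layout with a constructed 0xCC placeholder instead of shellcode, an assumed 200-byte buffer and an assumed 30-byte payload length, and reports where copies of the address quoted in post 6 remain after each stage.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define BUF_LEN     200          /* assumed: any size >= FILL_LEN works here */
#define FILL_LEN    160          /* 40 four-byte copies of the address (post 12) */
#define SLED_LEN    60           /* NOP bytes written over the start (post 12) */
#define RET_ADDR    0xbffff6f6u  /* address quoted in post 6 */
#define PAYLOAD_LEN 30           /* constructed length, deliberately not a multiple of 4 */

/* Stage 0: zeroed (bzero). Stage 1: address fill loop. Stage 2: sled + payload. */
void build(unsigned char *buf, int stage) {
    uint32_t ret = RET_ADDR;
    memset(buf, 0, BUF_LEN);
    if (stage >= 1)
        for (size_t i = 0; i < FILL_LEN; i += 4)
            memcpy(buf + i, &ret, sizeof ret);     /* one 4-byte store per iteration */
    if (stage >= 2) {
        memset(buf, 0x90, SLED_LEN);
        memset(buf + SLED_LEN, 0xCC, PAYLOAD_LEN); /* placeholder, not shellcode */
    }
}

static uint32_t word_at(const unsigned char *buf, size_t off) {
    uint32_t w;
    memcpy(&w, buf + off, sizeof w);               /* alignment-safe read */
    return w;
}

/* Number of 4-byte-aligned words in the fill region that still hold RET_ADDR. */
int count_addr_words(const unsigned char *buf) {
    int n = 0;
    for (size_t i = 0; i < FILL_LEN; i += 4)
        n += (word_at(buf, i) == RET_ADDR);
    return n;
}

/* Offset of the first aligned word equal to RET_ADDR, or -1 if there is none. */
int first_addr_offset(const unsigned char *buf) {
    for (size_t i = 0; i < FILL_LEN; i += 4)
        if (word_at(buf, i) == RET_ADDR) return (int)i;
    return -1;
}

int main(void) {
    unsigned char buf[BUF_LEN];
    for (int stage = 0; stage <= 2; stage++) {
        build(buf, stage);
        printf("stage %d: %2d address words, first at offset %d\n",
               stage, count_addr_words(buf), first_addr_offset(buf));
    }
}
```

Stage 1 is the state at the breakpoint on line 26: 40 address words and no NOPs yet. At stage 2 the first intact address word sits at offset 92, the next 4-byte boundary after the 90 bytes of sled and placeholder.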
