#include<stdio.h>
hijack(){
printf("Hijacked");
}
GetInput(){
char buffer[8];
gets(buffer);
puts(buffer);
}
int main(){
GetInput(); //19
return 0;
}
This is the code...
when i place a break point at line 19..
and see the stackpointer i get...
0xbffff7f8: **0xbffff878** 0x0014bbd6 0x00000001 0xbffff8a4
0xbffff808: 0xbffff8ac 0x0012f858 0xbffff860 0xffffffff
The one n bold is stack top...
then after next instruction...i get..
0xbffff7e4: 0x0011e0c0 0x080484ab 0x0028aff4 0xbffff7f8
0xbffff7f4: 0x0804847f **0xbffff878** 0x0014bbd6 0x00000001
0x0011e0c0---------------------> ?????????????????
0x080484ab && 0x0028aff4 -----> the char buffer of 8 bytes...
0xbffff7f8----------------------> the ebp register
0xbffff7f8---------------------->return address...
And when i replace the register address with the address o function "hijack" it gives me a segmentation fault..
i am running this on ubuntu server 10.04...with PAE NX disabled...i checked it..
root@ubuntu:~# /usr/bin/check-bios-nx --verbose
This CPU is not PAE capable, so it does not have NX.
Pls help....