
Challenges (stack, heap and UAF)

Open caballomaldito opened this issue 5 years ago • 0 comments

Hi!

Here are vulnerable proof-of-concept programs for a heap-based buffer overflow, a stack buffer overflow and a use-after-free.

To compile:

g++ heap.c -o heap
g++ uaf.c -o uaf
g++ stack.c -o stack

Is it possible for Zeratool to successfully exploit these three cases?

peto@ubuntu:~/Desktop/challenges$ cat heap.c #include #include #include #include #define BUFSIZE 10 using namespace std;

// Deliberately vulnerable test case: heap-based buffer overflow (CWE-122).
// Reads whitespace-delimited tokens from the file named by argv[1] and copies
// each one into a newly malloc'ed BUFSIZE-byte buffer with no length check.
// Returns -1 when no file name is given on the command line, 0 otherwise.
int main(int argc, char* argv[]) {
    if (argc > 1) {
        cout << "argv[1] = " << argv[1] << endl;
    } else {
        cout << "No file name entered. Exiting...";
        return -1;
    }
    ifstream myReadFile;
    myReadFile.open(argv[1]);
    // Staging buffer that receives one token from the file per iteration.
    char output[8192];
    if (myReadFile.is_open()) {
        // The loop tests eof() only; the result of the extraction itself is
        // never checked before the token is used.
        while (!myReadFile.eof()) {

            // No stream width is set, so with the char* overload of operator>>
            // (pre-C++20) the token length is not limited to sizeof(output).
            myReadFile >> output;

            // BUFSIZE is 10 (see the #define above). The malloc result is not
            // checked for NULL and buf is never freed, so every iteration
            // leaks one allocation.
            char *buf;
            buf = (char *)malloc(sizeof(char)*BUFSIZE);
            // DEFECT (intentional): strcpy copies the whole token plus its
            // terminating NUL; any token of BUFSIZE or more characters writes
            // past the end of buf. A safe version would size the destination
            // from the token length (or use std::string) and reject oversized
            // input.
            strcpy(buf, output);

        }
    }
    myReadFile.close();
    return 0;
}

peto@ubuntu:~/Desktop/challenges$ cat uaf.c #include #include #include #include #define BUFSIZER1 10 using namespace std;

// Deliberately vulnerable test case: use-after-free (CWE-416).
// Reads whitespace-delimited tokens from the file named by argv[1]; for each
// one it allocates a BUFSIZER1-byte buffer, frees it, and then writes the
// token through the stale pointer.
// Returns -1 when no file name is given on the command line, 0 otherwise.
int main(int argc, char* argv[]) {
    if (argc > 1) {
        cout << "argv[1] = " << argv[1] << endl;
    } else {
        cout << "No file name entered. Exiting...";
        return -1;
    }
    ifstream myReadFile;
    myReadFile.open(argv[1]);
    // Staging buffer that receives one token from the file per iteration.
    char output[8192];
    if (myReadFile.is_open()) {
        // The loop tests eof() only; the result of the extraction itself is
        // never checked before the token is used.
        while (!myReadFile.eof()) {

            // No stream width is set, so with the char* overload of operator>>
            // (pre-C++20) the token length is not limited to sizeof(output).
            myReadFile >> output;
            // BUFSIZER1 is 10 (see the #define above); the malloc result is
            // not checked for NULL.
            char *buf1R1;
            buf1R1 = (char *) malloc(BUFSIZER1);
            free(buf1R1);
            // DEFECT (intentional): buf1R1 is dangling here, so this strcpy
            // writes into memory already returned to the allocator, and the
            // copy is not bounded by BUFSIZER1 either. A safe version would
            // finish using the buffer before free() and clear the pointer
            // afterwards.
            strcpy(buf1R1, output);
        }
    }
    myReadFile.close();
    return 0;
}

peto@ubuntu:~/Desktop/challenges$ cat stack.c #include #include

using namespace std;

// Deliberately vulnerable test case: stack-based buffer overflow (CWE-121).
// Reads whitespace-delimited tokens from the file named by argv[1] into a
// 10-byte stack array and echoes each one to stdout.
// Returns -1 when no file name is given on the command line, 0 otherwise.
int main(int argc, char* argv[]) {
    if (argc > 1) {
        cout << "argv[1] = " << argv[1] << endl;
    } else {
        cout << "No file name entered. Exiting...";
        return -1;
    }
    ifstream myReadFile;
    myReadFile.open(argv[1]);
    // Destination for each token: room for 9 characters plus the NUL.
    char output[10];
    if (myReadFile.is_open()) {
        // The loop tests eof() only; the result of the extraction itself is
        // never checked before the token is printed.
        while (!myReadFile.eof()) {

            // DEFECT (intentional): no stream width is set, so with the char*
            // overload of operator>> (pre-C++20) a token of 10 or more
            // characters is written past the end of output on the stack.
            // A safe version would read into std::string, or set the width
            // to sizeof(output) before extracting.
            myReadFile >> output;
            cout<<output;

        }
    }
    myReadFile.close();
    return 0;
}

caballomaldito avatar Apr 06 '19 10:04 caballomaldito