Data validation rules can be defined and designed using any of various methodologies, and be deployed in any of various contexts.

Data that does not conform to these rules will negatively affect business process execution.

Thus, by sending crafted input vectors, an attacker can exploit this issue to read values from the stack, write values to the stack, read memory address values and so on.

As part of this lab exercise, we will use an example C program that is vulnerable to a format string attack and see how it can be exploited to view stack values, write values to the stack and so on. From your Kali Linux VM, open up a terminal and type the below command: This would open a text editor.

For example, the attacker may supply characters such as %x as part of input data, and when it is parsed by the Format Function, the conversion happens as specified.

However, the format function expects an argument corresponding to each such specifier, and when they are not supplied, it reads the values from the stack instead.

Also make sure to supply the exact number of arguments, each with the matching argument type.

To fix the issue exploited in the above examples, just add “%s” to the printf function as shown below:

    #include <stdio.h>
    int main(int argc, char *argv[])

Now compile and run the above code to see the result.

In other words, if we were to pass the string AAAA%2$n, we would write the value to the 2nd address.

Now enter the C source code below and save the file in any location (say, the desktop). The above program simply reads an input string and displays it back to the user. While running the program, supply any random value as the argument.

The next %n format writes this value to variable “b”. Thus, by using the %n character, an attacker can write values into the memory.

Observe that this value is shown after eight addresses on the stack.
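The “%s” fix and the %x / %n behaviour described above, as an added example that is not part of the original lab: it passes untrusted text to a constant “%s” format so the directives come out as literal characters, and it counts the directives a format function would have acted on. The names scan_format and echo_safe are hypothetical and the sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Result of scanning an untrusted string for printf conversion directives. */
struct fmt_scan {
    int directives;   /* conversions that would consume an argument */
    int writes;       /* how many of them are %n (memory write) */
};

/* Hypothetical helper: approximates how a format function reads a directive,
 * skipping "%%" and accepting flags, width, precision, "N$" and length
 * modifiers before the conversion character. */
static struct fmt_scan scan_format(const char *s)
{
    struct fmt_scan r = {0, 0};
    while ((s = strchr(s, '%')) != NULL) {
        s++;                                   /* step past '%' */
        if (*s == '%') { s++; continue; }      /* literal percent sign */
        s += strspn(s, "0123456789$-+ #'.*");  /* position, flags, width, precision */
        s += strspn(s, "hlLjzt");              /* length modifiers */
        if (*s != '\0' && strchr("diouxXeEfFgGaAcspn", *s) != NULL) {
            r.directives++;
            if (*s == 'n')
                r.writes++;
            s++;
        }
    }
    return r;
}

/* Hardened echo: the untrusted text is an argument to a constant "%s"
 * format, so it is copied as data and never interpreted. The vulnerable
 * form the page describes would be printf(user); it is not called here. */
static int echo_safe(char *out, size_t outlen, const char *user)
{
    return snprintf(out, outlen, "%s", user);
}

int main(void)
{
    const char *samples[] = { "hello", "%x %x %x", "AAAA%2$n", "100%% done" }; /* constructed */
    char buf[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct fmt_scan r = scan_format(samples[i]);
        echo_safe(buf, sizeof buf, samples[i]);
        printf("%-12s directives=%d writes=%d echoed=\"%s\"\n", samples[i], r.directives, r.writes, buf);
    }
    return 0;
}
```

A non-zero directive count in a field that should hold plain text is a useful signal to log, while the constant format string is what actually removes the flaw.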

