Date: Mon, 18 Oct 2004 09:38:57 +0300
From: Giorgos Keramidas
To: freebsd-questions@freebsd.org
Message-ID: <20041018063857.GA827@gothmog.gr>
References: <4172F3D2.8040200@uiowa.edu> <20041018000118.GB664@gothmog.gr> <20041017204152.4046638e@dolphin.local.net>
In-Reply-To: <20041017204152.4046638e@dolphin.local.net>
Subject: Re: No Buffer Overflow

On 2004-10-17 20:41, "Conrad J. Sabatier" wrote:
> On Mon, 18 Oct 2004 03:01:18 +0300, Giorgos Keramidas wrote:
> > On 2004-10-17 17:36, Jason Dusek wrote:
> > > I am reading an intro to shell-coding, and the following program is
> > > used as a simple example of vulnerable code: [...]
> > > When I run this code like this:
> > > 18 > vuln
> > > Segmentation fault (core dumped)
> > > In the tutorial this line:
> > > 19 > vuln `perl -e 'print "A"x256 . "BBBB" . "CCCC"'`
>
> I'm glad you replied to the OP, because the way he was showing his
> attempts to run the program, it looked like he was invoking some
> programs called "18" and "19" and redirecting their stdout to "vuln".

I assumed this was the history-number of the current command because
their difference was only 1. If the two numbers had a difference of
more than 1, I'd probably ask first.

> You must have already been familiar with the book or tutorial he was
> referring to. :-)

Not really. I was just guessing, since a lot of people use %! in their
tcsh prompt (or \! in bash).