O'Reilly logo
  • Alain O'Dea thinks this is interesting:

reader@hacking:~/booksrc $ gcc exploit_notesearch.c reader@hacking:~/booksrc $ ./a.out [DEBUG] found a 34 byte note for user id 999 [DEBUG] found a 41 byte note for user id 999 -------[ end of note data ]------- sh-3.2#


Cover of Hacking: The Art of Exploitation, 2nd Edition


notesearch needs to have been compiled without stack protection (-fno-stack-protector) for this exploit to work.