I want to exploit a stack-based buffer overflow for educational purposes.
There is a typical function called from main with a parameter, which is given as input to the program, and a local buffer where the parameter is saved. Given an input of the form nops+shellcode+address_shellcode, I will exploit it.
After debugging with gdb I found the address of the shellcode, as it will be passed as a parameter, and right after the strcpy I examined the stack, and $ebp+8, which is the return address, has been successfully overwritten with the address of the shellcode. So I have what I want. But when I stepped forward the execution I got:
->shellcode_address in ?? ()
and then
Cannot find bound of current function
The return address has the value that I want. Any ideas what is happening?
Also, when I execute it I get a segmentation fault, and I have compiled it with -g -fno-stack-protector. Why?
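For reference, the kind of function the question describes, shown beside a bounds-checked form. This is an added example, not the poster's code: the function names and the 64-byte buffer size are assumptions, since the post shows no source.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64  /* assumed size; the post does not give one */

/* The pattern the post describes: the caller's string is copied into a
 * fixed-size local buffer with no length check, so an input of BUF_SIZE
 * bytes or more writes past buf toward the saved frame data. */
size_t copy_unchecked(const char *input)
{
    char buf[BUF_SIZE];
    strcpy(buf, input);               /* no bound on the copy */
    return strlen(buf);
}

/* Hardened form: find the terminator within the buffer's capacity first
 * and refuse anything that does not fit.
 * Returns 0 on success, -1 if input plus its NUL exceeds the buffer. */
int copy_checked(const char *input, size_t *copied)
{
    char buf[BUF_SIZE];
    const char *nul = memchr(input, '\0', sizeof buf);

    if (nul == NULL)
        return -1;                    /* reject rather than truncate silently */
    size_t len = (size_t)(nul - input);
    memcpy(buf, input, len + 1);      /* len + 1 <= sizeof buf, NUL included */
    if (copied)
        *copied = strlen(buf);
    return 0;
}

int main(int argc, char **argv)
{
    size_t n = 0;
    if (argc < 2) {
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 2;
    }
    if (copy_checked(argv[1], &n) != 0) {
        fprintf(stderr, "input too long\n");
        return 1;
    }
    printf("copied %zu bytes\n", n);
    return 0;
}
```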