The programs basic_overflow is susceptible to a stack-based buffer overflow. Your task is to exploit this fact by writing suitable shellcode. Write and submit a commented script that writes your exploit to stdout, such that the output can be used as the argument for the target program. After spawning the shell, you should be able to retrieve the flag located within the same directory.

#include #include #include // vulnerable function int overflow_me(char* input) { char buff[80]; printf("Buffer is at %p ", &buff); // buff's address is leaked :O strcpy(buff, input); return 1;

} int main(int argc, char *argv[]) { if(argc < 2) { printf("Syntax: %s ", argv[0]); exit (0); } overflow_me(argv[1]); return 0; }

First analyze the program basic_overflow. Before writing your exploit, think about how many bytes are needed to overwrite the return address and how you can inject your shellcode into the process. The target program helps you by printing the address of the buffer during execution. Suppose buffer address is 0xffff3df0. My task is to submit a bash script "solution.sh" that outputs an argument that I can use it in the above C program to spawn the shell and read the flag.